www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254  Public Scan

69 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

• https://chatserver.comm100.com/livechat.ashx?siteId=92035 HTTP 301
• https://vue.comm100.com/livechat.ashx?siteId=92035

Request Chain 138

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%252Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022%26time%3D1585666828639%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639&liSync=true

Request Chain 197

• https://tags.bluekai.com/site/20486?limit=0&id=3609249039358885954&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3609249039358885954%26eid=50056 HTTP 302
• https://ml314.com/csync.ashx?fp=H7T01999999DYTBK&person_id=3609249039358885954&eid=50056

Request Chain 198

• https://idsync.rlcdn.com/395886.gif?partner_uid=3609249039358885954 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwOTI0OTAzOTM1ODg4NTk1NBAAGg0Ij7aN9AUSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=6ad855929243f8ec9883d35728ec5678e168fbf5049f541ef9955d0c3092fcf7f4cb09cee1a4f8eb&person_id=3609249039358885954&eid=50082

Request Chain 199

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://ml314.com/utsync.ashx?eid=53819&et=0&fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc HTTP 302
• https://ml314.com/csync.ashx?fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc&person_id=3609249039358885954&eid=53819

Request Chain 200

• https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609249039358885954 HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609249039358885954 HTTP 302
• https://ml314.com/csync.ashx?fp=54e07b7f4caff634ba9d0d64c08164c0&eid=50146&person_id=3609249039358885954

Request Chain 201

• https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
• https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2786_sSKDI5CtcrgS0F7zgxRchPe-dkyeYsz9bCOx8ho&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
• https://ml314.com/csync.ashx?fp=2786_sSKDI5CtcrgS0F7zgxRchPe-dkyeYsz9bCOx8ho&person_id=3609249039358885954&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
• https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 215

• https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
• https://pixel.sitescout.com/iap/64ead273d1f41aa7

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Show response www.bankinfosecurity.com/	372 KB 54 KB	600ms 328ms	Document text/html	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 7e18d7dddfc3a6ea7bc1eb27555a682acc17a23a54642ca1577c5dff2bac5d18 Request headers Host www.bankinfosecurity.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip Vary Accept-Encoding Set-Cookie PHPSESSID=tbp92nltv8ru5uq8h4g335k59b; expires=Tue, 31-Mar-2020 19:00:26 GMT; Max-Age=14400; path=/ _advert=false; expires=Wed, 01-Apr-2020 15:00:26 GMT; Max-Age=86400; path=/ Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery-ui.min.css www.bankinfosecurity.com/css-responsive/vendor/	25 KB 5 KB	261ms 137ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/vendor/jquery-ui.min.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4896
GET H/1.1	200 OK	mediaelementplayer-updated.css www.bankinfosecurity.com/css-responsive/vendor/	11 KB 3 KB	397ms 136ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/vendor/mediaelementplayer-updated.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2622
GET H2	200	css fonts.googleapis.com/	25 KB 1 KB	20ms 15ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 31 Mar 2020 15:00:26 GMT server ESF date Tue, 31 Mar 2020 15:00:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Mar 2020 15:00:26 GMT
GET H/1.1	200 OK	main.css www.bankinfosecurity.com/css-responsive/	231 KB 42 KB	404ms 139ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/main.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 3d6601f455d1861307f2e2266ac347f8dffe2e109e153f228024becd258b2784 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 42778
GET H/1.1	200 OK	prettyPhoto.css www.bankinfosecurity.com/css-responsive/	21 KB 3 KB	399ms 134ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/prettyPhoto.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2840
GET H/1.1	200 OK	bis-hdr.desktop.r2.css www.bankinfosecurity.com/css-responsive/vendor/	8 KB 2 KB	401ms 134ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.desktop.r2.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1956
GET H/1.1	200 OK	bis-hdr.mobile.r2.css www.bankinfosecurity.com/css-responsive/vendor/	9 KB 2 KB	402ms 134ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.mobile.r2.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2133
GET H/1.1	200 OK	font-awesome.min.css www.bankinfosecurity.com/css-responsive/vendor/	22 KB 5 KB	411ms 137ms	Stylesheet text/css	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5049
GET H/1.1	200 OK	jquery.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	91 KB 33 KB	536ms 140ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 33094
GET H/1.1	200 OK	modernizr.j Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	11 KB 11 KB	533ms 134ms	Script text/plain	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.j Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 7e1e8c883fd8fb0cafdc1636bb195f28a7d8cfb3bf865ab40af470634d2f62ba Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Wed, 25 Mar 2020 18:45:31 GMT Server Apache ETag "2b4c-5a1b245da4b35" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 11084
GET H/1.1	200 OK	bootstrap.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	35 KB 9 KB	537ms 136ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/bootstrap.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9328
GET H/1.1	200 OK	jquery.validate.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	21 KB 7 KB	539ms 137ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6689
GET H/1.1	200 OK	mediaelement-and-player-updated.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	154 KB 38 KB	554ms 143ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 38476
GET H/1.1	200 OK	tinymce.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	295 KB 101 KB	664ms 139ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/tinymce.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99
GET H/1.1	200 OK	jquery.validate.bootstrap.popover.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	2 KB 1 KB	668ms 134ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 926
GET H/1.1	200 OK	jquery.placeholder.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	2 KB 1 KB	673ms 134ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.placeholder.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 922
GET H/1.1	200 OK	jquery-ui.min.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	222 KB 60 KB	684ms 144ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery-ui.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 61345
GET H/1.1	200 OK	crypt_des.js Show response www.bankinfosecurity.com/javascripts-responsive/vendor/	9 KB 3 KB	676ms 135ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/vendor/crypt_des.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 2857
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/250/	349 KB 113 KB	78ms 26ms	Script application/javascript	23.210.248.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/250/addthis_widget.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-248-44.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Tue, 21 Jan 2020 20:57:37 GMT server nginx/1.15.8 etag "5e2765c1-57446" vary Accept-Encoding x-distribution 99 content-type application/javascript status 200 cache-control public, max-age=600 date Tue, 31 Mar 2020 15:00:26 GMT x-host s7.addthis.com content-length 114924
GET H/1.1	200 OK	headerlogo-bis.png www.bankinfosecurity.com/images-responsive/logos/	2 KB 2 KB	134ms 134ms	Image image/png	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://www.bankinfosecurity.com/images-responsive/logos/headerlogo-bis.png Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1682
GET H/1.1	200 OK	fbi-fin7-attackers-mail-teddy-bears-badusbs-to-targets-showcase_image-5-a-14029.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	92 KB 92 KB	79ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/fbi-fin7-attackers-mail-teddy-bears-badusbs-to-targets-showcase_image-5-a-14029.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash b677a9ae626b96b1d4e8def6d704aa7739478cc9b3da061d3be44c62982aba5b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Mon, 30 Mar 2020 15:45:53 GMT ETag ccf82c7540276d8e9ca3ee3d01c9a001 Content-Type image/jpeg X-Timestamp 1585583152.91903 Cache-Control public, max-age=9985 Content-Length 94078 Connection keep-alive Accept-Ranges bytes X-Trans-Id txe528ebac4d184d37b8a3d-005e82308bdfw1 Expires Tue, 31 Mar 2020 17:46:51 GMT
GET H/1.1	200 OK	covid-19-human-side-cybersecurity-leadership-showcase_image-1-a-14028.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	97 KB 98 KB	23ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/covid-19-human-side-cybersecurity-leadership-showcase_image-1-a-14028.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c3e789eb6f2382df2b03ab212dda8ace8f9f8cfd3171ebb8ffdee924e07ba343 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Mon, 30 Mar 2020 15:43:52 GMT ETag 645748ca0f4b0ae6f9762ea6cbe78c7e Content-Type image/jpeg X-Timestamp 1585583031.14682 Cache-Control public, max-age=83066 Content-Length 99811 Connection keep-alive Accept-Ranges bytes X-Trans-Id txfb6b4442cb33419aa2d17-005e821b89dfw1 Expires Wed, 01 Apr 2020 14:04:52 GMT
GET H/1.1	200 OK	covid-19-crisis-how-to-manage-vpns-showcase_image-10-a-14027.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	386 KB 386 KB	25ms 25ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/covid-19-crisis-how-to-manage-vpns-showcase_image-10-a-14027.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash bd192efa7b4b741ca800cf501c2d2b9b09785a97f77fdb347abbb657d2971588 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Mon, 30 Mar 2020 12:14:39 GMT ETag 6b7bb825caffb0b4b2ac9cdb884f7f59 Content-Type image/jpeg X-Timestamp 1585570478.84226 Cache-Control public, max-age=72691 Content-Length 394812 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx36d41d6f81f8447d95067-005e81f41fdfw1 Expires Wed, 01 Apr 2020 11:11:57 GMT
GET H/1.1	200 OK	zoom-apologizes-after-facebook-login-privacy-snafu-showcase_image-1-a-14026.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	58 KB 58 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/zoom-apologizes-after-facebook-login-privacy-snafu-showcase_image-1-a-14026.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash ba5cd7ce2c4174ee0a74ac117815f99c8be4a685214288c7a7bd5687557b99e6 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Mon, 30 Mar 2020 05:35:34 GMT ETag 013c37c8b27c4198c87fbdf0074e4b58 Content-Type image/jpeg X-Timestamp 1585546533.72653 Cache-Control public, max-age=54343 Content-Length 59348 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx398ee1c18cad46588af9b-005e81cc69dfw1 Expires Wed, 01 Apr 2020 06:06:09 GMT
GET H/1.1	200 OK	analysis-russias-covid-19-disinformation-campaign-showcase_image-2-i-4633.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	104 KB 104 KB	79ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-russias-covid-19-disinformation-campaign-showcase_image-2-i-4633.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 04bb97f1789a6d93e6c625094b1b5ed0c1d212dd709123a15a54bd55e86d7f22 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Thu, 26 Mar 2020 20:35:14 GMT ETag a197e4f94a8aa71037d14838210161f5 Content-Type image/jpeg X-Timestamp 1585254913.48955 Cache-Control public, max-age=76312 Content-Length 106571 Connection keep-alive Accept-Ranges bytes X-Trans-Id txffb126b081864ae09df19-005e7dc35cdfw1 Expires Wed, 01 Apr 2020 12:12:18 GMT
GET H/1.1	200 OK	ecommerce-surge-guarding-against-fraud-showcase_image-1-i-4632.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	64 KB 64 KB	23ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ecommerce-surge-guarding-against-fraud-showcase_image-1-i-4632.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 0459050142965828741b35287d88cb578c748307d7ccede0d285d117b025d0d6 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Thu, 26 Mar 2020 18:44:26 GMT ETag 204135554a157b7a85dbf52fb53f5308 Content-Type image/jpeg X-Timestamp 1585248265.78254 Cache-Control public, max-age=54157 Content-Length 65402 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf667b5e3ade94b1bb568c-005e7cfac2dfw1 Expires Wed, 01 Apr 2020 06:03:03 GMT
GET H/1.1	200 OK	election-integrity-in-covid-19-era-showcase_image-9-i-4628.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	86 KB 87 KB	23ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/election-integrity-in-covid-19-era-showcase_image-9-i-4628.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3edc6a037500d767bc93f9a809c1a414f86dac69c3112d0bfdd6053f03a02f6b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Tue, 24 Mar 2020 15:43:20 GMT ETag 8738185311fae4f57b8a5b1fe91c5a24 Content-Type image/jpeg X-Timestamp 1585064599.66749 Cache-Control public, max-age=55283 Content-Length 88406 Connection keep-alive Accept-Ranges bytes X-Trans-Id txc62dcd49c6254add9e290-005e7a2dd8dfw1 Expires Wed, 01 Apr 2020 06:21:49 GMT
GET H/1.1	200 OK	covid-19-security-risks-as-manufacturers-shift-gears-showcase_image-3-i-4626.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	62 KB 62 KB	26ms 25ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/covid-19-security-risks-as-manufacturers-shift-gears-showcase_image-3-i-4626.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash aad1fe936a4e01fcb9aa3ff2516185ce0df2a753d41b4ef24192ab8e3fa06b6f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:26 GMT Last-Modified Mon, 23 Mar 2020 19:01:31 GMT ETag f8ae6dc85191f0360a22b7413bd9f007 Content-Type image/jpeg X-Timestamp 1584990090.27217 Cache-Control public, max-age=35600 Content-Length 63337 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5a2e41df077e4e2d9770f-005e790ab1dfw1 Expires Wed, 01 Apr 2020 00:53:46 GMT
GET H/1.1	200 OK	russias-cybercrime-rule-reminder-never-hack-russians-showcase_image-9-p-2888.jpg 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/	74 KB 75 KB	168ms 34ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/russias-cybercrime-rule-reminder-never-hack-russians-showcase_image-9-p-2888.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 6ef4b7c2eb4cbb823a73244076b42de99edda11bec4f15e079ac929c0a2de9e6 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 12:11:46 GMT ETag f5db72745b240967c11f385d0910daf7 Content-Type image/jpeg X-Timestamp 1585311105.83301 Cache-Control public, max-age=81843 Content-Length 76183 Connection keep-alive Accept-Ranges bytes X-Trans-Id txd7af808991ec494688215-005e7dedf2dfw1 Expires Wed, 01 Apr 2020 13:44:30 GMT
GET H/1.1	200 OK	social-engineerings-role-in-cyber-fraud-what-we-are-doing-about-it-imageLarge-8-p-2887.JPG 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/	114 KB 114 KB	24ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/social-engineerings-role-in-cyber-fraud-what-we-are-doing-about-it-imageLarge-8-p-2887.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c0870cef43984cea535d7ce2ed0628fa2d636935a99f2a5c2bca8ae50da8ddfb Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 26 Mar 2020 21:07:18 GMT ETag adb873d9c92e5c59f4731d44921253ae Content-Type image/jpeg X-Timestamp 1585256837.11628 Cache-Control public, max-age=56633 Content-Length 116554 Connection keep-alive Accept-Ranges bytes X-Trans-Id txabcaa4e34d0b4f3b9e3e9-005e7d1ae6dfw1 Expires Wed, 01 Apr 2020 06:44:20 GMT
GET H/1.1	200 OK	whats-return-on-investment-vendor-management-platform-showcase_image-10-p-2858.jpg 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/	115 KB 115 KB	22ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/whats-return-on-investment-vendor-management-platform-showcase_image-10-p-2858.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash be6be76ca745414b27ef45501225245c2565227dcbe5570732bbffb1ac1937b2 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Tue, 24 Mar 2020 18:56:05 GMT ETag 3489b7ebc885b1c3c02b3125f2b22f8a Content-Type image/jpeg X-Timestamp 1585076164.83697 Cache-Control public, max-age=81884 Content-Length 117308 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx53a9781bbb564e0293e02-005e7a58fadfw1 Expires Wed, 01 Apr 2020 13:45:11 GMT
GET H/1.1	200 OK	mfa-trials-be-burden-or-breeze-showcase_image-1-p-2875.jpg 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/	37 KB 37 KB	22ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/mfa-trials-be-burden-or-breeze-showcase_image-1-p-2875.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9022b0d0fd341da6614f08d23feb5d7766c2f87e66c55fa2f6d0b2dc19c12390 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Tue, 17 Mar 2020 13:51:10 GMT ETag 0297f594a64a0ae31394bb4956b3f6ef Content-Type image/jpeg X-Timestamp 1584453069.26638 Cache-Control public, max-age=21097 Content-Length 37404 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx706cc35d81a1435d85b8c-005e7a2115dfw1 Expires Tue, 31 Mar 2020 20:52:04 GMT
GET H/1.1	200 OK	covid19-remote-workforce-security-strategies-showcase_image-9-a-14012.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	285 KB 286 KB	22ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/covid19-remote-workforce-security-strategies-showcase_image-9-a-14012.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash b03039dc6675c43e6bacf7033b96216c85ae02d7faf419d78d982d48bd296c6b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 26 Mar 2020 10:45:06 GMT ETag 74bad7e2fa3ce9fa1165588fe9d03e5d Content-Type image/jpeg X-Timestamp 1585219505.94135 Cache-Control public, max-age=69949 Content-Length 292309 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx46ad329c0857404f832cc-005e7e4cb0dfw1 Expires Wed, 01 Apr 2020 10:26:16 GMT
GET H/1.1	200 OK	covid-19-digital-exposure-crisis-showcase_image-3-a-14021.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	107 KB 107 KB	40ms 25ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/covid-19-digital-exposure-crisis-showcase_image-3-a-14021.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 49b769c2629bd2bd63eb61cb152bb8ccb934266d9aae47567e43e3fac20c7414 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 14:45:23 GMT ETag 2a429d3a2c2ebb7c233a5806c150c868 Content-Type image/jpeg X-Timestamp 1585320322.13207 Cache-Control public, max-age=79136 Content-Length 109073 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx1deecf393b3140c981237-005e7e16f6dfw1 Expires Wed, 01 Apr 2020 12:59:23 GMT
GET H/1.1	200 OK	tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	59 KB 59 KB	51ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 05 Mar 2020 16:04:36 GMT ETag f159c9867556eec8a5360d3493db29ad Content-Type image/jpeg X-Timestamp 1583424275.63523 Cache-Control public, max-age=51454 Content-Length 60191 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx118ba11e0c8a47f29b8db-005e7d09bbdfw1 Expires Wed, 01 Apr 2020 05:18:01 GMT
GET H/1.1	200 OK	disruption-new-norm-how-will-you-secure-dynamic-workforce-showcase_image-5-w-2356.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	461 KB 462 KB	79ms 36ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/disruption-new-norm-how-will-you-secure-dynamic-workforce-showcase_image-5-w-2356.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash ed086ad504dd6e5f0a141e7fb5136f49553cde2bc69a2dcda2d187c76d526f1f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 26 Mar 2020 17:26:47 GMT ETag b1238d204f7adbb04cd6644109e749a5 Content-Type image/jpeg X-Timestamp 1585243606.16801 Cache-Control public, max-age=15230 Content-Length 472242 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx604ddd921ee04377bfa25-005e824536dfw1 Expires Tue, 31 Mar 2020 19:14:17 GMT
GET H/1.1	200 OK	live-webinar-transforming-customer-experience-modern-customer-identity-access-management-ciam-solution-showcase_image-1-w-2353.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	44 KB 44 KB	77ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-transforming-customer-experience-modern-customer-identity-access-management-ciam-solution-showcase_image-1-w-2353.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 020831f4e1cbf7af287cc50f0de66c7eb334637347dac8bfabe658602575e544 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 25 Mar 2020 15:13:16 GMT ETag 049ac6fb7cf78a407578b81b340fea92 Content-Type image/jpeg X-Timestamp 1585149195.99294 Cache-Control public, max-age=58263 Content-Length 44732 Connection keep-alive Accept-Ranges bytes X-Trans-Id txe142a7f51ab54d149ce8b-005e7bab37dfw1 Expires Wed, 01 Apr 2020 07:11:30 GMT
GET H/1.1	200 OK	live-webinar-gdpr-vs-ccpa-vs-ccpa-20-10-critical-differences-showcase_image-5-w-2352.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	106 KB 106 KB	63ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-gdpr-vs-ccpa-vs-ccpa-20-10-critical-differences-showcase_image-5-w-2352.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 0a633a5c7c942f0671a58ca42aa81bd87bdfe8d02cb8f0c1905e9f6f4e2538cc Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 18 Mar 2020 19:52:02 GMT ETag 4061f952e90a9ea713ba921f06c8b811 Content-Type image/jpeg X-Timestamp 1584561121.85242 Cache-Control public, max-age=55302 Content-Length 108466 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx47eb9338bc4b4889abbd1-005e7950dbdfw1 Expires Wed, 01 Apr 2020 06:22:09 GMT
GET H/1.1	200 OK	four-identity-management-best-practices-for-improving-patient-care-as-learned-from-top-us-childrens-hospitals-showcase_image-9-w-2338.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	88 KB 88 KB	83ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/four-identity-management-best-practices-for-improving-patient-care-as-learned-from-top-us-childrens-hospitals-showcase_image-9-w-2338.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 5b47ceb06fbb6af5dcc0995333e9e7b862134a126355fb1a6b262841bdf62c3f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 06 Mar 2020 22:50:27 GMT ETag bf20dbdd3868ada6e367bef7cb6c1ca1 Content-Type image/jpeg X-Timestamp 1583535026.49687 Cache-Control public, max-age=54151 Content-Length 89871 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx723e10338a0f4cafb8768-005e71a45cdfw1 Expires Wed, 01 Apr 2020 06:02:58 GMT
GET H/1.1	200 OK	live-webinar-more-data-more-problems-applying-right-automation-to-propel-security-operations-showcase_image-9-w-2325.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	45 KB 45 KB	103ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-more-data-more-problems-applying-right-automation-to-propel-security-operations-showcase_image-9-w-2325.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 84118d7e088d238a09059e0cac2395b274544749dd86d1064c06de8943d507cc Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 26 Feb 2020 21:38:02 GMT ETag 75a2c56c9fce96cb1147566195a27397 Content-Type image/jpeg X-Timestamp 1582753081.92317 Cache-Control public, max-age=14786 Content-Length 45797 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx952199b9ec444698b5125-005e71a45cdfw1 Expires Tue, 31 Mar 2020 19:06:53 GMT
GET H/1.1	200 OK	live-webinar-medium-sized-companies-automate-access-to-critical-multi-cloud-environments-showcase_image-4-w-2328.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	23 KB 23 KB	107ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-medium-sized-companies-automate-access-to-critical-multi-cloud-environments-showcase_image-4-w-2328.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 231adabcd9983427d9c8719c6559c018fa4faf43405bddb5f0ab304d1c3d1aaa Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 28 Feb 2020 15:50:52 GMT ETag fe9097ba5e04ca3d9da6fa1232005c60 Content-Type image/jpeg X-Timestamp 1582905051.94848 Cache-Control public, max-age=32067 Content-Length 23127 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx4a10ba867b93479aafe72-005e731920dfw1 Expires Tue, 31 Mar 2020 23:54:54 GMT
GET H/1.1	200 OK	jim-pflaging-largeImage-9-a-1583.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	19 KB 20 KB	1277ms 36ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/jim-pflaging-largeImage-9-a-1583.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c638d9ee432e6d3afdfeaa446b9db091aecf70b340e396c16b278472d945e18b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 31 Mar 2016 15:04:34 GMT ETag 03a57e4b0b0abcf3ae1492068901d4ac Content-Type image/jpeg X-Timestamp 1459436673.44304 Cache-Control public, max-age=70655 Content-Length 19613 Connection keep-alive Accept-Ranges bytes X-Trans-Id txb6f7b04cfd764d48a5ffd-005e7360a0dfw1 Expires Wed, 01 Apr 2020 10:38:03 GMT
GET H/1.1	200 OK	john-buzzard-largeImage-3-a-1137.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	41 KB 41 KB	1309ms 31ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/john-buzzard-largeImage-3-a-1137.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 2ec5f18adb6e13532120e5aedec134c15dbd9593b5940b874829e369a50aa5d3 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 01 Sep 2016 20:30:04 GMT ETag ef668d3812c34f50e97a4c7b41036bf3 Content-Type image/jpeg X-Timestamp 1472761803.18310 Cache-Control public, max-age=58294 Content-Length 42039 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx103c69835cdc45c7ae1c3-005e729e47dfw1 Expires Wed, 01 Apr 2020 07:12:02 GMT
GET H/1.1	200 OK	margaret-reid-largeImage-4-a-1899.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	42 KB 42 KB	1343ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/margaret-reid-largeImage-4-a-1899.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash b0d844705249eaf4ee5ddea31555d6f324acee5cbe5c7dc53a2cd22e33c0cbd6 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Wed, 08 Mar 2017 20:28:30 GMT ETag 3b4461b302b19ce5893105dddfe0752f Content-Type image/jpeg X-Timestamp 1489004909.91494 Cache-Control public, max-age=63043 Content-Length 43074 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf79f8b88779f41acbeee3-005e724949dfw1 Expires Wed, 01 Apr 2020 08:31:11 GMT
GET H/1.1	200 OK	sam-kassoumeh-largeImage-10-a-1289.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	45 KB 45 KB	1369ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/sam-kassoumeh-largeImage-10-a-1289.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 7e812e148b0c883092d3af1159b71eeaa094051ba3dc4c792430bd44127433ba Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 10 Nov 2016 14:32:59 GMT ETag 7f6cdfb5ad475a15b78806a10279dfd5 Content-Type image/jpeg X-Timestamp 1478788378.62391 Cache-Control public, max-age=24528 Content-Length 45645 Connection keep-alive Accept-Ranges bytes X-Trans-Id txfa0a461d1f58422db7dba-005e71c771dfw1 Expires Tue, 31 Mar 2020 21:49:16 GMT
GET H/1.1	200 OK	2020-report-breach-exposure-fortune-1000-employees-by-sector-logo-8-w-6029.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	70 KB 71 KB	339ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/2020-report-breach-exposure-fortune-1000-employees-by-sector-logo-8-w-6029.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 7c1b51178141f1d08ba7668589ea425b71f71a5c1be3c0801f30d41a893e7d9f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Sun, 29 Mar 2020 22:15:53 GMT ETag ef11f4c239fb49049756f07dd1322f5a Content-Type image/jpeg X-Timestamp 1585520152.85708 Cache-Control public, max-age=39219 Content-Length 71934 Connection keep-alive Accept-Ranges bytes X-Trans-Id txb0457f11ea634d8e9cd04-005e82a2efdfw1 Expires Wed, 01 Apr 2020 01:54:06 GMT
GET H/1.1	200 OK	global-data-protection-index-are-you-protected-logo-6-w-6026.PNG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	47 KB 47 KB	295ms 22ms	Image image/png	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/global-data-protection-index-are-you-protected-logo-6-w-6026.PNG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 36d8e9812489abe39bceb5826eb5a13fa3f27d03cb4acf2542d943d4aaba7d63 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 10:26:37 GMT ETag aa370eab8384b30d307bd70ef4b8538b Content-Type image/png X-Timestamp 1585304796.88554 Cache-Control public, max-age=55383 Content-Length 48095 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx1a95b22f9d98405aada6d-005e81b361dfw1 Expires Wed, 01 Apr 2020 06:23:30 GMT
GET H/1.1	200 OK	purpose-built-backup-appliance-logo-3-w-6027.PNG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	32 KB 32 KB	231ms 24ms	Image image/png	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/purpose-built-backup-appliance-logo-3-w-6027.PNG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3dc0974b145ea8bb6147a4fd471442b14775e00783e1fcf9e83b8ef3b8768f9d Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 10:33:41 GMT ETag f8c60f08234f9a03de68693fb2ca2ac1 Content-Type image/png X-Timestamp 1585305220.84400 Cache-Control public, max-age=55251 Content-Length 32639 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx419c47f6b13a4e3fb274c-005e81b361dfw1 Expires Wed, 01 Apr 2020 06:21:18 GMT
GET H/1.1	200 OK	3-steps-to-automating-security-operations-logo-3-w-6028.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	51 KB 52 KB	250ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/3-steps-to-automating-security-operations-logo-3-w-6028.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 732665ae9efafec59e10c067914dfe2e4f3ad1820e4bc9ebb69d79ddeb8efea1 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 15:25:25 GMT ETag 3db450eeba090791a4e605f094ffbf2c Content-Type image/jpeg X-Timestamp 1585322724.08829 Cache-Control public, max-age=55297 Content-Length 52721 Connection keep-alive Accept-Ranges bytes X-Trans-Id txb48337f190114e2997d29-005e81f50cdfw1 Expires Wed, 01 Apr 2020 06:22:04 GMT
GET H/1.1	200 OK	combatting-cybercrime-pdf-9-h-103.jpg fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/	358 KB 358 KB	269ms 45ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Tue, 26 Nov 2019 19:37:47 GMT ETag 11a3adb400c0ff282a505428b1d7be73 Content-Type image/jpeg X-Timestamp 1574797066.57975 Cache-Control public, max-age=32498 Content-Length 366322 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx734be8c11524421797f74-005e6f285cdfw1 Expires Wed, 01 Apr 2020 00:02:05 GMT
GET H/1.1	200 OK	top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/	76 KB 77 KB	184ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Mon, 28 Oct 2019 13:57:45 GMT ETag 69913c61181f1fc9d730d6c8298e55c4 Content-Type image/jpeg X-Timestamp 1572271064.63410 Cache-Control public, max-age=19861 Content-Length 78320 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf87be476a661497d96b8a-005e71ee18dfw1 Expires Tue, 31 Mar 2020 20:31:28 GMT
GET H/1.1	200 OK	leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/	197 KB 198 KB	186ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Tue, 15 Oct 2019 14:06:53 GMT ETag e3e068e355cdbfaa15e88b627d7ebc55 Content-Type image/jpeg X-Timestamp 1571148412.42493 Cache-Control public, max-age=80544 Content-Length 202154 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx423235a6738a4082be08e-005e710c8bdfw1 Expires Wed, 01 Apr 2020 13:22:51 GMT
GET H/1.1	200 OK	collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/	87 KB 88 KB	187ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 02 Oct 2019 13:41:41 GMT ETag 36c70127fa172aa8ce8cd235fddf4c97 Content-Type image/jpeg X-Timestamp 1570023700.81183 Cache-Control public, max-age=70226 Content-Length 89481 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx06061d44cbfd47969a7f3-005e7173ecdfw1 Expires Wed, 01 Apr 2020 10:30:53 GMT
GET H/1.1	200 OK	taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/	95 KB 95 KB	83ms 37ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Mon, 23 Mar 2020 21:52:35 GMT ETag 4af1e925902f765709fbac19d76f9149 Content-Type image/jpeg X-Timestamp 1585000354.21724 Cache-Control public, max-age=51460 Content-Length 97383 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx671fafc37744422383a33-005e7a746edfw1 Expires Wed, 01 Apr 2020 05:18:07 GMT
GET H/1.1	200 OK	2020-faces-fraud-survey-showcase_image-4-s-75.jpg 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/	82 KB 83 KB	54ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/2020-faces-fraud-survey-showcase_image-4-s-75.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3d7510063e1b2e52048eb4de8e364e2d5516dcb3dfa3b30feab3e4c10d785726 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 21 Nov 2019 17:08:18 GMT ETag 6435f83ec3a957ed676e16f2c26353cf Content-Type image/jpeg X-Timestamp 1574356097.60397 Cache-Control public, max-age=75575 Content-Length 84215 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx9a6e3bc68ea94f7bb7fbc-005e720f2adfw1 Expires Wed, 01 Apr 2020 12:00:02 GMT
GET H/1.1	200 OK	digital-account-opening-security-study-showcase_image-5-s-74.jpg 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/	55 KB 55 KB	55ms 37ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/digital-account-opening-security-study-showcase_image-5-s-74.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 015655f766994aff6aece9b79181a951d0364e27ef1d34275633e9c8aa906273 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Tue, 08 Oct 2019 15:53:23 GMT ETag 00187fd51a6d1c6812a4691cd6507155 Content-Type image/jpeg X-Timestamp 1570550002.14407 Cache-Control public, max-age=11869 Content-Length 56240 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx7cc316bc6a054e4296416-005e71c704dfw1 Expires Tue, 31 Mar 2020 18:18:16 GMT
GET H/1.1	200 OK	state-todays-app-security-showcase_image-6-s-76.jpg 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/	94 KB 94 KB	53ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/state-todays-app-security-showcase_image-6-s-76.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 07f1864f676b80cef760836490eed2ed047b77a99fcc64e81f9d02986e6457bc Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 30 Oct 2019 21:07:05 GMT ETag 1b69aac5850bf9a34703d01221b13651 Content-Type image/jpeg X-Timestamp 1572469624.30720 Cache-Control public, max-age=34061 Content-Length 96031 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf6874dc857c94619bd88f-005e722260dfw1 Expires Wed, 01 Apr 2020 00:28:08 GMT
GET H/1.1	200 OK	top-10-data-breach-influencers-showcase_image-2-a-8798.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	52 KB 53 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/top-10-data-breach-influencers-showcase_image-2-a-8798.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash cdedc2c99e5c35e35baa5bba15349f699ad8a849a71d0fe48bbfa4982f68ece5 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 15 Jan 2016 20:00:06 GMT ETag 4a0fedb93b2aaad07c4fac27182588c0 Content-Type image/jpeg X-Timestamp 1452888005.28308 Cache-Control public, max-age=70233 Content-Length 53534 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf27118a916484f2996368-005e72027adfw1 Expires Wed, 01 Apr 2020 10:31:00 GMT
GET H/1.1	200 OK	top-10-influencers-in-banking-infosec-showcase_image-1-a-8792.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	47 KB 48 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/top-10-influencers-in-banking-infosec-showcase_image-1-a-8792.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9e8e013460345e9816f5dc19487056172227d429df2b2ffcb6729e4318f4aadc Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Mon, 11 Jan 2016 20:58:50 GMT ETag 017e96a64c3cda0a91f7389d325626c9 Content-Type image/jpeg X-Timestamp 1452545929.12488 Cache-Control public, max-age=73832 Content-Length 48242 Connection keep-alive Accept-Ranges bytes X-Trans-Id txf6826e56086843818ed7e-005e71be5cdfw1 Expires Wed, 01 Apr 2020 11:30:59 GMT
GET H/1.1	200 OK	top-10-influencers-in-government-infosec-showcase_image-7-a-8771.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	51 KB 52 KB	36ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/top-10-influencers-in-government-infosec-showcase_image-7-a-8771.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 50e2744b11e9d912e71f7a7ecb6ed7bf0eb7c3e29b4de5e0639e79cf5d6835be Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 07 Jan 2016 15:36:22 GMT ETag b4bbe16cfaf8e2abe68aef9a20d34e29 Content-Type image/jpeg X-Timestamp 1452180981.46535 Cache-Control public, max-age=36649 Content-Length 52483 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx780751ce9eaf4350b1d0b-005e71c1f1dfw1 Expires Wed, 01 Apr 2020 01:11:16 GMT
GET H/1.1	200 OK	update-top-5-health-data-breaches-imageFile-8-a-7877.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	10 KB 10 KB	26ms 25ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/update-top-5-health-data-breaches-imageFile-8-a-7877.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 441b44d1c8b0181d6502d5a94c3c27e8fa28c79dcaeefd1264bd3a8fe0616c60 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 05 Feb 2015 20:00:34 GMT ETag 4fae4989cc5bb5ce45458e826b5134bb Content-Type image/jpeg X-Timestamp 1423166433.76800 Cache-Control public, max-age=24898 Content-Length 10211 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5cde2105cbb34f1d9bf39-005e71a45ddfw1 Expires Tue, 31 Mar 2020 21:55:25 GMT
GET H/1.1	200 OK	virtual-cybersecurity-summit-zero-trust-showcase_image-2-e-311.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	97 KB 97 KB	81ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-zero-trust-showcase_image-2-e-311.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 8459e4013d8f2e711b6b0ddbe742984cfb06ba6ad15a1cf665aaa3a364d7ea2a Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Mon, 23 Mar 2020 02:00:38 GMT ETag bba1c8450fe3a4b32951ca68f3c314c9 Content-Type image/jpeg X-Timestamp 1584928837.46448 Cache-Control public, max-age=69031 Content-Length 98956 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx24db7835fc844c18b183a-005e781d50dfw1 Expires Wed, 01 Apr 2020 10:10:58 GMT
GET H/1.1	200 OK	virtual-cybersecurity-summit-financial-services-showcase_image-3-e-312.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	105 KB 105 KB	114ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-financial-services-showcase_image-3-e-312.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 034199150c8b33342706bcd5c1e9c2a5835f7b3995624bcba9ec808625fe8090 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Mon, 23 Mar 2020 02:01:13 GMT ETag 14e2acfa73f3a1d007fffc52e4d1363b Content-Type image/jpeg X-Timestamp 1584928872.11143 Cache-Control public, max-age=15695 Content-Length 107071 Connection keep-alive Accept-Ranges bytes X-Trans-Id txa4dbca4eb82d4553bf922-005e7cb5f3dfw1 Expires Tue, 31 Mar 2020 19:22:03 GMT
GET H/1.1	200 OK	cybersecurity-fraud-summit-chicago-showcase_image-5-e-298.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	71 KB 71 KB	123ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/cybersecurity-fraud-summit-chicago-showcase_image-5-e-298.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash f2e985539ac8a7c0fd8aec7d15494e8e56e5d16bbb58f4170eb773c5a5f32d58 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 27 Sep 2019 20:30:17 GMT ETag b4fd29a2fb7c17308d1ffaca8157f320 Content-Type image/jpeg X-Timestamp 1569616216.50427 Cache-Control public, max-age=51612 Content-Length 72247 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx89d98f7d6535401cbe7ef-005e714d85dfw1 Expires Wed, 01 Apr 2020 05:20:40 GMT
GET H/1.1	200 OK	2020-healthcare-security-summit-new-york-showcase_image-7-e-301.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	81 KB 81 KB	136ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-healthcare-security-summit-new-york-showcase_image-7-e-301.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 27 Sep 2019 20:39:21 GMT ETag e867c4b9925ec56a280f44919afe0d19 Content-Type image/jpeg X-Timestamp 1569616760.64682 Cache-Control public, max-age=26545 Content-Length 82476 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx96265ef26cbc42d190123-005e71a45edfw1 Expires Tue, 31 Mar 2020 22:22:53 GMT
GET H/1.1	200 OK	2020-fraud-summit-new-york-showcase_image-2-e-297.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	81 KB 81 KB	129ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-fraud-summit-new-york-showcase_image-2-e-297.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 27 Sep 2019 20:18:25 GMT ETag e867c4b9925ec56a280f44919afe0d19 Content-Type image/jpeg X-Timestamp 1569615504.17856 Cache-Control public, max-age=74171 Content-Length 82476 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx93f65af6f4e34e3694b8f-005e71d085dfw1 Expires Wed, 01 Apr 2020 11:36:39 GMT
GET H/1.1	200 OK	2020-cybersecurity-summit-bengaluru-showcase_image-10-e-299.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	56 KB 56 KB	78ms 36ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-cybersecurity-summit-bengaluru-showcase_image-10-e-299.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash b5e9d7b83ee59fd4831ec4b6b4bb387abeaa6be304bb4071a7c09869c30569ff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 27 Sep 2019 20:33:43 GMT ETag d7f1bf15d961ffe53e9c3a17b193b9d1 Content-Type image/jpeg X-Timestamp 1569616422.26815 Cache-Control public, max-age=9722 Content-Length 57204 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx635bb885120f471c9e6bc-005e6dc877dfw1 Expires Tue, 31 Mar 2020 17:42:30 GMT
GET H/1.1	200 OK	2020-cybersecurity-summit-brazil-showcase_image-4-e-302.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	199 KB 199 KB	51ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-cybersecurity-summit-brazil-showcase_image-4-e-302.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 14c0bce6b610b8fecb34796e62cfc89155ca31be490a7e165da3dc4e5399e3c1 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 27 Sep 2019 20:42:24 GMT ETag 13a48cb6101867dd61ea2fa76b917057 Content-Type image/jpeg X-Timestamp 1569616943.32166 Cache-Control public, max-age=16638 Content-Length 203592 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx573e09c1655a479b847b2-005e72105fdfw1 Expires Tue, 31 Mar 2020 19:37:46 GMT
GET H/1.1	200 OK	virtual-cybersecurity-summit-healthcare-showcase_image-4-e-313.jpg 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/	82 KB 82 KB	52ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-healthcare-showcase_image-4-e-313.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 7b7fa521ca3abb70d8f8ae83d85364a7058b2b8cd0aeaf192784328958d5c633 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Mon, 23 Mar 2020 02:01:44 GMT ETag 5e103284fa191bf5f23c429091cb9b9f Content-Type image/jpeg X-Timestamp 1584928903.38122 Cache-Control public, max-age=15757 Content-Length 83708 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx19749c4fd5e247eaa7856-005e7e597cdfw1 Expires Tue, 31 Mar 2020 19:23:05 GMT
GET H/1.1	200 OK	best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	158 KB 158 KB	22ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Wed, 21 Aug 2019 16:07:31 GMT ETag ac5ec7485b98a4e425694526cac66c60 Content-Type image/jpeg X-Timestamp 1566403650.23177 Cache-Control public, max-age=61049 Content-Length 161648 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx8cba2d15ca2345388d650-005e717e52dfw1 Expires Wed, 01 Apr 2020 07:57:57 GMT
GET H/1.1	200 OK	zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/	135 KB 136 KB	25ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 28 Jun 2019 20:21:33 GMT ETag dd5032aff4d05ed19b21dbe830b01316 Content-Type image/jpeg X-Timestamp 1561753292.90767 Cache-Control public, max-age=62732 Content-Length 138422 Connection keep-alive Accept-Ranges bytes X-Trans-Id txff660b7d9c814e8586587-005e71b27cdfw1 Expires Wed, 01 Apr 2020 08:26:00 GMT
GET H/1.1	200 OK	best-rsa-conference-2020-showcase_image-1-a-14011.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	100 KB 101 KB	24ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-rsa-conference-2020-showcase_image-1-a-14011.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Wed, 25 Mar 2020 19:33:42 GMT ETag 5509cbbd99ddd348f3533b4b8f6a0da9 Content-Type image/jpeg X-Timestamp 1585164821.83821 Cache-Control public, max-age=43983 Content-Length 102596 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx6ee4387b58fd43debc057-005e7bb989dfw1 Expires Wed, 01 Apr 2020 03:13:31 GMT
GET H/1.1	200 OK	symantec-story-post-broadcom-acquisition-showcase_image-3-a-13931.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	50 KB 51 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/symantec-story-post-broadcom-acquisition-showcase_image-3-a-13931.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 7b68484a9c4b5383bb83b28cc95e40cd538b2ab665b73df704cfdb01405eb805 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 12 Mar 2020 13:10:48 GMT ETag b2a437081c8ade687abb47a44d113cd8 Content-Type image/jpeg X-Timestamp 1584018647.70830 Cache-Control public, max-age=83643 Content-Length 51657 Connection keep-alive Accept-Ranges bytes X-Trans-Id txe6098d694cba4b99a85d5-005e7b9a29dfw1 Expires Wed, 01 Apr 2020 14:14:31 GMT
GET H/1.1	200 OK	phishings-impact-on-federal-government-showcase_image-4-a-13821.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	87 KB 87 KB	30ms 29ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/phishings-impact-on-federal-government-showcase_image-4-a-13821.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 51fede8dc45449db0d1d07e35dd4a02762ceca2392981395b04d5a05c797b588 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Mon, 02 Mar 2020 16:02:57 GMT ETag 4611ea77c79b4012db4aed03e4e4248f Content-Type image/jpeg X-Timestamp 1583164976.21506 Cache-Control public, max-age=16103 Content-Length 88921 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5c716c7c870c435ea9f83-005e73ed7bdfw1 Expires Tue, 31 Mar 2020 19:28:51 GMT
GET H/1.1	200 OK	infosec-europe-2019-compendium-imageFile-2-a-12739.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	89 KB 89 KB	64ms 28ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 05 Jul 2019 20:13:34 GMT ETag f9dab7917669551bb50361c2dcd43aa7 Content-Type image/jpeg X-Timestamp 1562357613.59432 Cache-Control public, max-age=46327 Content-Length 91187 Connection keep-alive Accept-Ranges bytes X-Trans-Id txc89857c2f5b7497aabf1b-005e706348dfw1 Expires Wed, 01 Apr 2020 03:52:35 GMT
GET H/1.1	200 OK	improving-iot-risk-management-showcase_image-10-a-12689.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	60 KB 61 KB	50ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 28 Jun 2019 14:04:32 GMT ETag 7f5fdd9cf37f980ea13c12c231815e13 Content-Type image/jpeg X-Timestamp 1561730671.53151 Cache-Control public, max-age=42940 Content-Length 61807 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx4aa08acf01884e56be54d-005e70f699dfw1 Expires Wed, 01 Apr 2020 02:56:08 GMT
GET H/1.1	200 OK	gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	62 KB 62 KB	44ms 38ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 25 Jun 2019 19:30:48 GMT ETag bba47bed092092a1c82b09a86a3a0e40 Content-Type image/jpeg X-Timestamp 1561491047.60933 Cache-Control public, max-age=30728 Content-Length 63007 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx3179afefed564631ac70f-005e71ab74dfw1 Expires Tue, 31 Mar 2020 23:32:36 GMT
GET H/1.1	200 OK	reinventing-application-security-showcase_image-10-a-12671.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	53 KB 53 KB	25ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 25 Jun 2019 19:54:35 GMT ETag 89521d60b07d7e85acabbf0301821f45 Content-Type image/jpeg X-Timestamp 1561492474.52472 Cache-Control public, max-age=70237 Content-Length 54026 Connection keep-alive Accept-Ranges bytes X-Trans-Id txc971698fab404caebea84-005e71ab74dfw1 Expires Wed, 01 Apr 2020 10:31:05 GMT
GET H/1.1	200 OK	hijacked-routers-steering-users-to-malicious-covid-19-sites-showcase_image-10-a-14022.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	114 KB 115 KB	25ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-showcase_image-10-a-14022.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 2b6299ef4753f0297409e40112ff8bd54c7e2654c756248f7d202c7979ff618b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 27 Mar 2020 14:56:01 GMT ETag 6c8a18e60ac7c294c8b1899c502f2e57 Content-Type image/jpeg X-Timestamp 1585320960.14387 Cache-Control public, max-age=55319 Content-Length 116954 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx1a634b8fceaf418fa218c-005e7e1a84dfw1 Expires Wed, 01 Apr 2020 06:22:26 GMT
GET H/1.1	200 OK	apurva-venkat-largeImage-7-a-2970.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	34 KB 35 KB	519ms 26ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/apurva-venkat-largeImage-7-a-2970.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 2e72ca1f8eed0d31058733c1bc1a645afe5aa54f0d69f53bada32f5dbbe17fa2 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 01 Oct 2019 16:02:17 GMT ETag 737a6aceaed14ae54d28b9420bac0b87 Content-Type image/jpeg X-Timestamp 1569945736.38652 Cache-Control public, max-age=55303 Content-Length 35151 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5ae39f140f9e48f3bb6da-005e73174fdfw1 Expires Wed, 01 Apr 2020 06:22:11 GMT
GET H/1.1	200 OK	reducing-risks-from-iot-devices-in-increasingly-connected-world-pdf-7-w-5857.jpg dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	259 KB 260 KB	23ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/reducing-risks-from-iot-devices-in-increasingly-connected-world-pdf-7-w-5857.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9a9a284d4b9bb7cda02d791a17ac1d106d3e426e5974676268cfde883490e2ad Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 20 Feb 2020 17:19:42 GMT ETag 1c1cdd946101123a74858ab2e18e01f2 Content-Type image/jpeg X-Timestamp 1582219181.31390 Cache-Control public, max-age=55245 Content-Length 265573 Connection keep-alive Accept-Ranges bytes X-Trans-Id txaf8fc091476a41519ac4f-005e71e663dfw1 Expires Wed, 01 Apr 2020 06:21:13 GMT
GET H/1.1	200 OK	2019-fraud-risk-at-glance-logo-8-w-5831.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	44 KB 45 KB	58ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/2019-fraud-risk-at-glance-logo-8-w-5831.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 934493ab72394bf033f5ea06d307c6ded5c2a81d0051e9665ad1dbf0b89fc970 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 07 Feb 2020 22:20:21 GMT ETag dbf4b917043d71949403c9ca5cd026aa Content-Type image/jpeg X-Timestamp 1581114020.03324 Cache-Control public, max-age=19207 Content-Length 45228 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx47cbde8c0830443c91ccd-005e71a45edfw1 Expires Tue, 31 Mar 2020 20:20:35 GMT
GET H/1.1	200 OK	tools-tactics-for-modern-crimeware-logo-4-w-5832.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	44 KB 45 KB	80ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/tools-tactics-for-modern-crimeware-logo-4-w-5832.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 64197be5da4525893accd53a2d6571ce2e6915650b0820808d9a4cac3277f728 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 07 Feb 2020 22:22:25 GMT ETag 6c7b1f27a7e119e672e622a636f1fb8c Content-Type image/jpeg X-Timestamp 1581114144.12255 Cache-Control public, max-age=55270 Content-Length 45311 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx84483b7e99a744e894d0f-005e71a45edfw1 Expires Wed, 01 Apr 2020 06:21:38 GMT
GET H/1.1	200 OK	gartner-five-board-questions-that-security-risk-leaders-must-be-prepared-to-answer-logo-2-w-5896.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	48 KB 48 KB	76ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/gartner-five-board-questions-that-security-risk-leaders-must-be-prepared-to-answer-logo-2-w-5896.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9545a5f22ac0df7058c26f97398d4c1b0c56509464b803413cb2e12c0178f422 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Mon, 02 Mar 2020 14:42:10 GMT ETag ffbe37c008027d9507727aab3dc2f94c Content-Type image/jpeg X-Timestamp 1583160129.18521 Cache-Control public, max-age=54201 Content-Length 49090 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx026b9a5d939346c7849a0-005e71be5bdfw1 Expires Wed, 01 Apr 2020 06:03:49 GMT
GET H/1.1	200 OK	global-fraud-index-logo-7-w-5962.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	33 KB 33 KB	95ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/global-fraud-index-logo-7-w-5962.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 00ecc8d38cbafd78500212e921f46e3389ae5b88588a0ebfa5607461dc8288b5 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 19 Mar 2020 13:51:21 GMT ETag 87d6192b40f66cbd3b474c9d57fa7999 Content-Type image/jpeg X-Timestamp 1584625880.19147 Cache-Control public, max-age=54201 Content-Length 33328 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx1a6fc1818afa469c8c260-005e82dd45dfw1 Expires Wed, 01 Apr 2020 06:03:49 GMT
GET H/1.1	200 OK	preparing-for-3-d-secure-next-generation-showcase_image-2-i-4052.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	45 KB 46 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/preparing-for-3-d-secure-next-generation-showcase_image-2-i-4052.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3dba5ccc14501c1f18b91c5a4b8667486df51bcd607f264411ffb10a09e913f3 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 19 Jul 2018 20:36:23 GMT ETag 06a767e4c9eed1b5f06fd62489b7bc2e Content-Type image/jpeg X-Timestamp 1532032582.03129 Cache-Control public, max-age=2696 Content-Length 46585 Connection keep-alive Accept-Ranges bytes X-Trans-Id txc0b252fe6fe84485bafc9-005e71d647dfw1 Expires Tue, 31 Mar 2020 15:45:24 GMT
GET H/1.1	200 OK	dark-side-russia-how-new-internet-laws-nationalism-fuel-russian-cybercrime-logo-6-w-5861.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	32 KB 32 KB	76ms 28ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/dark-side-russia-how-new-internet-laws-nationalism-fuel-russian-cybercrime-logo-6-w-5861.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c0768e65a573504a853df4474bc8b8c327c485d8e198a8761cb52a94692811ad Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 21 Feb 2020 14:00:41 GMT ETag f896b8330707e2e10160c2edabf36618 Content-Type image/jpeg X-Timestamp 1582293640.58094 Cache-Control public, max-age=32825 Content-Length 32356 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx17f37eee8ca54d18992a2-005e71a45fdfw1 Expires Wed, 01 Apr 2020 00:07:33 GMT
GET H/1.1	200 OK	case-study-view-deception-technology-in-security-testing-logo-4-w-5785.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	101 KB 102 KB	121ms 53ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/case-study-view-deception-technology-in-security-testing-logo-4-w-5785.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash ed9cb4ada4736365be873828d6f0746414ab378b5893503029a559ddd149f79e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 14 Jan 2020 22:44:32 GMT ETag 291ee67c9c8d5e6eb54d1816e340f139 Content-Type image/jpeg X-Timestamp 1579041871.29239 Cache-Control public, max-age=77858 Content-Length 103619 Connection keep-alive Accept-Ranges bytes X-Trans-Id txbe4bb29278b34bdd91cff-005e71ecb1dfw1 Expires Wed, 01 Apr 2020 12:38:06 GMT
GET H/1.1	200 OK	are-your-internet-assets-behaving-logo-9-w-5948.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	65 KB 65 KB	146ms 39ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/are-your-internet-assets-behaving-logo-9-w-5948.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 03b4b305a3bf08390791f8285a549d6c9cc5bd330a8ecd8424d9541a1f5b3f89 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 13 Mar 2020 20:12:15 GMT ETag b26c1d8b6a574989d2a297f73c825b6a Content-Type image/jpeg X-Timestamp 1584130334.22593 Cache-Control public, max-age=820 Content-Length 66653 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx681942c95ce6487ba2f53-005e71f0f9dfw1 Expires Tue, 31 Mar 2020 15:14:08 GMT
GET H/1.1	200 OK	-logo-8-w-5862.JPG dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	63 KB 64 KB	173ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/-logo-8-w-5862.JPG Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 5f1239bd3894abc09e6f7ffa3c5f1e6722a61c15cb9d280e8b6a4aaf2970410a Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Fri, 21 Feb 2020 15:51:34 GMT ETag b2619975c217c78c4664b9c257ba7160 Content-Type image/jpeg X-Timestamp 1582300293.85875 Cache-Control public, max-age=78897 Content-Length 64908 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx6e305a2b45fd4feb8c56c-005e71f612dfw1 Expires Wed, 01 Apr 2020 12:55:24 GMT
GET H/1.1	200 OK	financial-services-security-disconnect-showcase_image-8-a-13764.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	67 KB 67 KB	38ms 37ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/financial-services-security-disconnect-showcase_image-8-a-13764.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 216d7ef8dd851b4d2eaf0482edb91fa22b300caf7346de4443a1e9396353902e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 04 Mar 2020 16:12:43 GMT ETag 48f4ba63da12797876e158bbfba5e1fe Content-Type image/jpeg X-Timestamp 1583338362.48123 Cache-Control public, max-age=16120 Content-Length 68115 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx07b87a1f0b9346bc80486-005e72146ddfw1 Expires Tue, 31 Mar 2020 19:29:07 GMT
GET H/1.1	200 OK	sans-review-device-visibility-control-streamlining-ot-security-pdf-10-w-5854.jpg dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/	273 KB 274 KB	218ms 24ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/sans-review-device-visibility-control-streamlining-ot-security-pdf-10-w-5854.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash be2f1dedfb664f8a88495ba6c1a4272c8286522555518b21d72dad5b92881be0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Thu, 20 Feb 2020 16:41:42 GMT ETag 268eeb949129c822bd6a500a94a16b55 Content-Type image/jpeg X-Timestamp 1582216901.34635 Cache-Control public, max-age=21013 Content-Length 279723 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx7b2342f0d45948a49243a-005e70d2c6dfw1 Expires Tue, 31 Mar 2020 20:50:40 GMT
GET H/1.1	200 OK	phishing-campaigns-leverage-new-covid-19-themes-showcase_image-1-a-14034.jpg 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/	51 KB 52 KB	221ms 220ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/phishing-campaigns-leverage-new-covid-19-themes-showcase_image-1-a-14034.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9c0f7a27285a4c46ceccccda4a281d60cccfa01a7e6a17fe53569defcca5dddb Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 31 Mar 2020 13:01:49 GMT ETag 1b7d74f61d60430ca8277324383afa42 Content-Type image/jpeg X-Timestamp 1585659708.72377 Cache-Control public, max-age=86400 Content-Length 52457 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5386a7d7f3cf4b048c438-005e835b0cdfw1 Expires Wed, 01 Apr 2020 15:00:28 GMT
GET H/1.1	200 OK	how-banks-in-bangladesh-are-mitigating-cyberthreats-showcase_image-6-i-4627.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	244 KB 245 KB	23ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/how-banks-in-bangladesh-are-mitigating-cyberthreats-showcase_image-6-i-4627.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 01810a34164613bd7d9f1a89e5f12627533153114ff63348f6ad299fc3cb48d9 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 24 Mar 2020 10:27:59 GMT ETag d7a37851c429bc6b71862b66c2be1be2 Content-Type image/jpeg X-Timestamp 1585045678.78951 Cache-Control public, max-age=75477 Content-Length 250196 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx2c25dbe8d1a84f419e600-005e7a02f9dfw1 Expires Wed, 01 Apr 2020 11:58:25 GMT
GET H/1.1	200 OK	dan-bowden-showcase_image-7-i-4630.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	140 KB 140 KB	58ms 23ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/dan-bowden-showcase_image-7-i-4630.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash af63d82367183c8739c194e61bae6e0144528c31c3ac0f6e8656537a000fd05a Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Wed, 25 Mar 2020 17:55:42 GMT ETag d9a365c12270ac94442f5f52e7f8d51c Content-Type image/jpeg X-Timestamp 1585158941.06750 Cache-Control public, max-age=81846 Content-Length 143171 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx6f9fdb4d65934c5a929d9-005e7ba1d8dfw1 Expires Wed, 01 Apr 2020 13:44:34 GMT
GET H/1.1	200 OK	analysis-covid-19-as-cybercrime-opportunity-showcase_image-9-i-4623.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	75 KB 75 KB	44ms 36ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-covid-19-as-cybercrime-opportunity-showcase_image-9-i-4623.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 6ea2c045c09ac9b7e25693b639329d20a666d4975b9f9ad471b29972cbd6b4a2 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 19 Mar 2020 20:41:15 GMT ETag 1d5cdfe337e31eea711a669bd3d6d0c1 Content-Type image/jpeg X-Timestamp 1584650474.62200 Cache-Control public, max-age=75147 Content-Length 76681 Connection keep-alive Accept-Ranges bytes X-Trans-Id txd32763f2f5b54bbcbcd70-005e74867edfw1 Expires Wed, 01 Apr 2020 11:52:55 GMT
GET H/1.1	200 OK	covid-19-financial-market-we-are-living-in-unprecedented-times-showcase_image-6-i-4624.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	66 KB 67 KB	28ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/covid-19-financial-market-we-are-living-in-unprecedented-times-showcase_image-6-i-4624.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 0d0a3be5a8a2fd29e2ea3eba56a44d3d7aec833fe68b568638a90d3c88756d20 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 20 Mar 2020 09:35:41 GMT ETag 345e0478980fa0093311e7c16b30bed9 Content-Type image/jpeg X-Timestamp 1584696940.35040 Cache-Control public, max-age=75225 Content-Length 68007 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx558ac00439c641d4b59fc-005e749bebdfw1 Expires Wed, 01 Apr 2020 11:54:13 GMT
GET H/1.1	200 OK	continuous-monitoring-critical-data-so-essential-showcase_image-7-i-4637.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	304 KB 305 KB	45ms 22ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/continuous-monitoring-critical-data-so-essential-showcase_image-7-i-4637.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 5ab3134f8a7e28624bd9956447ed2e2326acb8b696bfc6bdf920b76eac10b57b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Tue, 31 Mar 2020 09:22:23 GMT ETag 116862cd85d7f4ede21aca11e4ca7ea0 Content-Type image/jpeg X-Timestamp 1585646542.19510 Cache-Control public, max-age=67673 Content-Length 311539 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx99285f6a3bbf4379b167b-005e831216dfw1 Expires Wed, 01 Apr 2020 09:48:21 GMT
GET H/1.1	200 OK	analysis-impact-hhs-hipaa-moves-for-covid-19-crisis-showcase_image-5-i-4631.jpg 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/	50 KB 50 KB	44ms 28ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-impact-hhs-hipaa-moves-for-covid-19-crisis-showcase_image-5-i-4631.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash c78d434a0e90b6578ba0f4a69754ee0ef2a6d5ccfe3438b52a36c86334823d6d Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Thu, 26 Mar 2020 18:17:58 GMT ETag 5a5f9df86529b77c0fc56eae5fc6ba11 Content-Type image/jpeg X-Timestamp 1585246677.85673 Cache-Control public, max-age=53655 Content-Length 51001 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx08341e3dc17544549274c-005e7cf7eddfw1 Expires Wed, 01 Apr 2020 05:54:43 GMT
GET H/1.1	200 OK	logo-ismg-with-text.png www.bankinfosecurity.com/images-responsive/	4 KB 4 KB	135ms 135ms	Image image/png	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://www.bankinfosecurity.com/images-responsive/logo-ismg-with-text.png Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 4175
GET H/1.1	200 OK	logo-ismg-print.png www.bankinfosecurity.com/images-responsive/	5 KB 6 KB	145ms 144ms	Image image/png	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://www.bankinfosecurity.com/images-responsive/logo-ismg-print.png Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5598
GET H/1.1	200 OK	ondemand-preview-w-255.jpg f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/	56 KB 57 KB	1293ms 35ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:29 GMT Last-Modified Fri, 05 Jul 2013 12:55:26 GMT ETag 7aece0902995efedc289b7c24037434b Content-Type image/jpeg X-Timestamp 1373028925.94439 Cache-Control public, max-age=56 Content-Length 57633 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx39bf6aa0db5641a99fffe-005e833885dfw1 Expires Tue, 31 Mar 2020 15:01:25 GMT
GET H/1.1	200 OK	ron-ross-smallImage-a-558.jpg 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/	10 KB 11 KB	233ms 31ms	Image image/jpeg	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Last-Modified Fri, 01 Nov 2013 13:09:25 GMT ETag fac8c56390d084c4f1dfaa9b24a58c33 Content-Type image/jpeg X-Timestamp 1383311364.81114 Cache-Control public, max-age=75710 Content-Length 10640 Connection keep-alive Accept-Ranges bytes X-Trans-Id tx5748e52cbd89455f95306-005e7206f9dfw1 Expires Wed, 01 Apr 2020 12:02:18 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.j Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 00:54:51 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:49 GMT server sffe age 309935 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9132 x-xss-protection 0 expires Sun, 28 Mar 2021 00:54:51 GMT
POST H/1.1	200 OK	ismg-user-ip Show response worker.ismgcorp.com/	15 B 407 B	3547ms 137ms	XHR text/html	104.130.251.6 RMH-14
General Check archive.org Show headers Download Go to Full URL https://worker.ismgcorp.com/ismg-user-ip Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.130.251.6 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 6014df0f686fb7955d4e60152afa174b5c133c20a27be8ae3935d2d789a612df Request headers Accept */* Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:30 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, private Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 33
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	43 KB 14 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32962186b329a311e475c0a6d1449541c9a197058c3e0e05a8140e50760b0630 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "472 / 10 of 1000 / last-modified: 1585592934" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 14649 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:28 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	5100ms 32ms	Script application/x-javascript	88.221.60.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-60-75.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6de8549645c339a95031df376cb1dc18490a258edb6a0892bb4c322b3bd5481f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:33 GMT Content-Encoding gzip Last-Modified Fri, 20 Mar 2020 02:11:06 GMT Server Apache ETag "a97244e012764b34cb1bd3468d3e10b8:1584670266" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 759
GET H2	200	gtm.js Show response www.googletagmanager.com/	528 KB 34 KB	21ms 20ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6d05a5d5db383493a34aadbb8fb8f6b2669bde38b03e6a49d3b2e557de56e50c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding br alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Cache-Control content-length 34503 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:28 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	50 KB 19 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T8C2JFW Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f2bc04fc8b0e63615d87bf68fdcec5f51f14a569b86999af167e25a1b7394b18 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding br alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Cache-Control content-length 19187 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:28 GMT
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	2082ms 22ms	Script application/x-javascript	95.101.185.246 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/250/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.185.246 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-185-246.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:30 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id 3DA20F33DFB043F4 etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=55667 accept-ranges bytes content-length 948 x-amz-id-2 g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
GET H2	200	mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 17:19:07 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:37 GMT server sffe age 1806080 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9016 x-xss-protection 0 expires Wed, 10 Mar 2021 17:19:07 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff www.bankinfosecurity.com/css-responsive/fonts/	43 KB 44 KB	134ms 133ms	Font application/font-woff	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849 Request headers Referer https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Last-Modified Wed, 25 Mar 2020 18:45:31 GMT Server Apache ETag "ad90-5a1b245da5ad5" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 44432
GET H/1.1	200 OK	main.js Show response www.bankinfosecurity.com/javascripts-responsive/	37 KB 9 KB	135ms 135ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/main.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 6cd08c8b7a6da3bb29c4fe03a127d5240b89ab5219039088fa5e4118e3d844d0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 8894
GET H/1.1	200 OK	bis-hdr.r1.js Show response www.bankinfosecurity.com/javascripts-responsive/	1 KB 766 B	132ms 132ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.r1.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 455
GET H/1.1	200 OK	jquery.browser.js Show response www.bankinfosecurity.com/javascripts-responsive/	2 KB 1 KB	137ms 137ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/jquery.browser.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1022
GET H/1.1	200 OK	jquery.prettyPhoto.js Show response www.bankinfosecurity.com/javascripts-responsive/	24 KB 7 KB	136ms 136ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/jquery.prettyPhoto.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash 1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 6459
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 17:00:48 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:31:11 GMT server sffe age 1807179 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9080 x-xss-protection 0 expires Wed, 10 Mar 2021 17:00:48 GMT
GET H2	200	mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 23:56:14 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:44 GMT server sffe age 1782253 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9180 x-xss-protection 0 expires Wed, 10 Mar 2021 23:56:14 GMT
GET H2	200	memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2 fonts.gstatic.com/s/opensans/v17/	10 KB 10 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Mar 2020 01:55:24 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:56 GMT server sffe age 2293503 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9744 x-xss-protection 0 expires Fri, 05 Mar 2021 01:55:24 GMT
GET		ondemand-preview-w-255.mp4 f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/	0 0
GET H/1.1	200 OK	embed.js Show response bankinfosecurity.disqus.com/	67 KB 22 KB	819ms 22ms	Script application/javascript	151.101.12.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bankinfosecurity.disqus.com/embed.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software openresty / Resource Hash 0fb726c410e19fe8beba57b9da7d132b7bb780fa00633dfef7508d377f680f38 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:29 GMT Content-Encoding gzip Server openresty Age 27 Vary Accept-Encoding Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=utf-8 Cache-Control private, max-age=60 X-Service router Connection keep-alive Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect Content-Length 22288
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 1616 date Tue, 31 Mar 2020 14:33:32 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Tue, 31 Mar 2020 16:33:32 GMT
GET H/1.1	200 OK	tag.aspx Show response ml314.com/	26 KB 12 KB	3178ms 39ms	Script application/javascript	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?3122020 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:31 GMT Content-Encoding gzip Last-Modified Tue, 31 Mar 2020 05:55:45 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=53714 Connection keep-alive Content-Length 11932 Expires Wed, 01 Apr 2020 05:55:45 GMT
GET H/1.1	200 OK	insight.min.js Show response sjs.bizographics.com/	3 KB 2 KB	8ms 7ms	Script application/x-javascript	2a02:26f0:1700:194::3adf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sjs.bizographics.com/insight.min.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:194::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:28 GMT Content-Encoding gzip Last-Modified Mon, 07 Oct 2019 16:41:31 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=13390 Connection keep-alive Accept-Ranges bytes Content-Length 1576
GET H2	200	livechat.ashx Show response vue.comm100.com/ Redirect Chain https://chatserver.comm100.com/livechat.ashx?siteId=92035 https://vue.comm100.com/livechat.ashx?siteId=92035	990 B 620 B	627ms 613ms	Script application/x-javascript	104.20.5.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vue.comm100.com/livechat.ashx?siteId=92035 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fe22e1de38d017229acd5f79c996496ced9db6983f125973821f1092b4430bc9 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-aspnet-version 4.0.30319 access-control-allow-origin * x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/x-javascript; charset=utf-8 status 200 cache-control no-cache, no-store cf-ray 57caf0ca395dc78d-AMS content-length 515 Redirect headers date Tue, 31 Mar 2020 15:00:32 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-origin * x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://vue.comm100.com/livechat.ashx?siteId=92035 content-type text/html; charset=UTF-8 status 301 cf-ray 57caf0c51a2cc78d-AMS content-length 173
GET H/1.1	200 OK	2682.js Show response dnn506yrbagrg.cloudfront.net/pages/scripts/0021/	309 B 821 B	813ms 20ms	Script application/x-javascript	143.204.208.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?440463 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.128 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-128.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 03 Mar 2020 19:31:54 GMT Via 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront) Last-Modified Tue, 03 Mar 2020 19:14:28 GMT Server AmazonS3 Age 2402915 ETag "53b0291ca3900aca920ad48e9790c1b7" X-Cache Hit from cloudfront Content-Type application/x-javascript Cache-Control max-age=31536000 X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 309 X-Amz-Cf-Id yhNg8Zh0rno276_-3-nNDX9owVURJ8Z10APEP35u5U5ExFCqZZLyfw==
GET H/1.1	200 OK	ajax.php Show response www.bankinfosecurity.com/	5 KB 2 KB	156ms 155ms	XHR text/html	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/ajax.php?json=twitterWidget Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash f26193de570ed55dd61682d9d42c625ff09e0da939f03d9e734d3841865dab68 Request headers Accept text/html, */*; q=0.01 Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Keep-Alive timeout=5, max=94 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/	166 B 325 B	308ms 305ms	Script application/javascript	23.210.248.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/250/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-248-44.deploy.static.akamaitechnologies.com Software / Resource Hash 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding gzip etag 659743217 vary Accept-Encoding content-type application/javascript;charset=utf-8 status 200 cache-control public, max-age=58, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 154
GET H/1.1	206 Partial Content	ondemand-preview-w-255.mp4 f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/	3 MB 0	1147ms 28ms	Media video/mp4	95.101.184.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.184.183 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-183.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Sec-Fetch-Dest video Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers Date Tue, 31 Mar 2020 15:00:29 GMT Last-Modified Fri, 05 Jul 2013 12:56:36 GMT X-Trans-Id txe5dc40a8c59646debeca8-005e720e37dfw1 ETag e5d65b36cc2f1ee7de6cc53cd6609280 Content-Type video/mp4 Content-Range bytes 0-10621769/10621770 X-Timestamp 1373028995.98411 Cache-Control public, max-age=14 Connection keep-alive Accept-Ranges bytes Content-Length 10621770 Expires Tue, 31 Mar 2020 15:00:43 GMT
GET H2	200	sdUszzU8_normal.jpg pbs.twimg.com/profile_images/1237723850755969025/	2 KB 2 KB	7ms 6ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1237723850755969025/sdUszzU8_normal.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/418A) / Resource Hash 18a0b61ff468292b649079b7fdffc46fa976698a7e5034e57b4abb4b68b1e73d Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff age 525440 x-cache HIT status 200 content-length 2035 x-response-time 124 surrogate-key profile_images profile_images/bucket/0 profile_images/1237723850755969025 last-modified Wed, 11 Mar 2020 12:53:36 GMT server ECS (fcn/418A) strict-transport-security max-age=631138519 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash fcfbb17716055ba74dec1eeed98c81eb accept-ranges bytes
GET H2	200	_33VjOc9_normal.jpg pbs.twimg.com/profile_images/633272018654396416/	2 KB 2 KB	7ms 7ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/633272018654396416/_33VjOc9_normal.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/419A) / Resource Hash d67e0c4a1210c593ac10e6cf84f74996413ea4a0b202fde651887f09d7b9bbb2 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff age 186562 x-cache HIT status 200 content-length 1579 x-response-time 127 surrogate-key profile_images profile_images/bucket/8 profile_images/633272018654396416 last-modified Mon, 17 Aug 2015 13:37:49 GMT server ECS (fcn/419A) strict-transport-security max-age=631138519 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash da4d196617ed4af3dcc5f11c633957fb accept-ranges bytes
GET H2	200	eFoL_pj-_normal.jpg pbs.twimg.com/profile_images/1222069058373390336/	2 KB 2 KB	7ms 6ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1222069058373390336/eFoL_pj-_normal.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/40B2) / Resource Hash 14f8aada46cc71222a04254a68d2222dd286f87c5279a4db44d4e67cb6cc1bc6 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff age 108054 x-cache HIT status 200 content-length 2111 x-response-time 123 surrogate-key profile_images profile_images/bucket/0 profile_images/1222069058373390336 last-modified Tue, 28 Jan 2020 08:07:03 GMT server ECS (fcn/40B2) strict-transport-security max-age=631138519 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash fd1eddae79107fe9e5246eeb8b32b3b2 accept-ranges bytes
GET H2	200	a8b65f6a1741585ab894fac80d77e45b_normal.jpeg pbs.twimg.com/profile_images/378800000307027766/	1 KB 1 KB	6ms 6ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/378800000307027766/a8b65f6a1741585ab894fac80d77e45b_normal.jpeg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/418A) / Resource Hash 3698af6d5e67197367996162542727f1dd9dd843a42ef156d06b7afd8a38b12c Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff age 546720 x-cache HIT status 200 content-length 1123 x-response-time 131 surrogate-key profile_images profile_images/bucket/8 profile_images/378800000307027766 last-modified Sat, 14 Sep 2013 08:36:52 GMT server ECS (fcn/418A) strict-transport-security max-age=631138519 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 731f9187e1a5cbd0e5249e7f351af91f accept-ranges bytes
GET H2	200	P_02hGXs_normal.jpg pbs.twimg.com/profile_images/1170679435110092801/	2 KB 2 KB	6ms 6ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1170679435110092801/P_02hGXs_normal.jpg Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/41AC) / Resource Hash 25e531ad62842b7dcd3383e2a60d2d0dfbe28c5e48ba82d017febf7f589f0e1c Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff age 3522 x-cache HIT status 200 content-length 2187 x-response-time 126 surrogate-key profile_images profile_images/bucket/9 profile_images/1170679435110092801 last-modified Sun, 08 Sep 2019 12:43:02 GMT server ECS (fcn/41AC) strict-transport-security max-age=631138519 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 3ef4a04eeef75f221a9a7743c089355c accept-ranges bytes
GET H2	200	2682.js Show response script.crazyegg.com/pages/scripts/0021/	25 KB 10 KB	16ms 15ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0021/2682.js Requested by Host: dnn506yrbagrg.cloudfront.net URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?440463 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2fea43f25c14882a39252545543608f3f93d199700513fe755fcfc2f14afc02f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 30 Mar 2020 18:25:30 GMT server cloudflare age 73463 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript status 200 cache-control max-age=300 accept-ranges bytes cf-ray 57caf0af8f643248-FRA access-control-allow-origin * content-length 9654
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	16ms 16ms	Script application/javascript	2a00:1450:4001:814::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.bankinfosecurity.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	15ms 15ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.bankinfosecurity.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:28 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020032302.js Show response securepubads.g.doubleclick.net/gpt/	168 KB 62 KB	1134ms 64ms	Script text/javascript	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software sffe / Resource Hash 26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 23 Mar 2020 17:22:36 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 62957 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:29 GMT
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%252Fhijacked-routers-ste... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639&liSync=true	0 64 B	170ms 170ms	Image application/javascript	2a05:f500:10:101::b93f:9105 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639&liSync=true Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 31 Mar 2020 15:00:29 GMT server Play linkedin-action 1 x-li-fabric prod-ltx1 status 200 x-li-proto http/2 x-li-pop prod-efr5 content-type application/javascript content-length 0 x-li-uuid 54Zyb5RrARaAW+acGSsAAA== Redirect headers date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff linkedin-action 1 status 302 strict-transport-security max-age=2592000 content-length 0 x-li-uuid V7fBZZRrARawfoCV8ioAAA== server Play pragma no-cache x-li-pop prod-efr5 expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" x-frame-options sameorigin x-li-fabric prod-ltx1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&time=1585666828639&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 104 B	19ms 18ms	XHR text/plain	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j81&a=2076495057&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&ul=en-us&de=UTF-8&dt=Hijacked%20Routers%20Steering%20Users%20to%20Malicious%20COVID-19%20Sites&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAMABAAAAAC~&jid=1234597688&gjid=382633725&cid=10344982.1585666829&tid=UA-212197-36&_gid=328572495.1585666829&_r=1&z=694027701 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://www.bankinfosecurity.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 111 B	13ms 13ms	Image image/gif	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2076495057&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&ul=en-us&de=UTF-8&dt=Hijacked%20Routers%20Steering%20Users%20to%20Malicious%20COVID-19%20Sites&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1950009389&gjid=568725084&cid=10344982.1585666829&tid=UA-212197-2&_gid=328572495.1585666829&_r=1&z=1454901103 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 110 B	6ms 6ms	Image image/gif	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j81&a=2076495057&t=event&_s=2&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&ul=en-us&de=UTF-8&dt=Hijacked%20Routers%20Steering%20Users%20to%20Malicious%20COVID-19%20Sites&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAMABAAAAAC~&jid=&gjid=&cid=10344982.1585666829&tid=UA-212197-2&_gid=328572495.1585666829&z=511963123 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Thu, 27 Feb 2020 09:56:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 2869453 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 104 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-212197-36&cid=10344982.1585666829&jid=1234597688&gjid=382633725&_gid=328572495.1585666829&_u=IEDAAMABAAAAAC~&z=239437218 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 31 Mar 2020 15:00:28 GMT status 200 content-type text/plain access-control-allow-origin https://www.bankinfosecurity.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	lounge.b362154b0539d5d23b6125bb3e3735c6.css c.disquscdn.com/next/embed/styles/	0 21 KB	17ms 15ms	Other text/css	2606:4700::6810:4fa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.disquscdn.com/next/embed/styles/lounge.b362154b0539d5d23b6125bb3e3735c6.css Requested by Host: bankinfosecurity.disqus.com URL: https://bankinfosecurity.disqus.com/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers date Tue, 31 Mar 2020 15:00:29 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 408269 cf-ray 57caf0b3fda9d6c5-FRA status 200 vary Accept-Encoding content-length 21796 x-xss-protection 1; mode=block last-modified Thu, 26 Mar 2020 17:38:55 GMT server cloudflare etag "5e7ce8af-5524" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubdomains content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public, immutable, no-transform accept-ranges bytes timing-allow-origin * expires Fri, 26 Mar 2021 21:35:59 GMT
GET H2	200	common.bundle.35e517736a0f081c6fbaee05b4da1b3a.js c.disquscdn.com/next/embed/	0 89 KB	18ms 17ms	Other application/javascript	2606:4700::6810:4fa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.disquscdn.com/next/embed/common.bundle.35e517736a0f081c6fbaee05b4da1b3a.js Requested by Host: bankinfosecurity.disqus.com URL: https://bankinfosecurity.disqus.com/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers date Tue, 31 Mar 2020 15:00:29 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 651249 cf-ray 57caf0b3fdacd6c5-FRA status 200 vary Accept-Encoding content-length 90458 x-xss-protection 1; mode=block last-modified Wed, 18 Mar 2020 17:54:58 GMT server cloudflare etag "5e726072-1615a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubdomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public, immutable, no-transform accept-ranges bytes timing-allow-origin * expires Fri, 19 Mar 2021 17:49:00 GMT
GET H2	200	lounge.bundle.24cead898f86515a9757ee11b7b34eb3.js c.disquscdn.com/next/embed/	0 108 KB	17ms 16ms	Other application/javascript	2606:4700::6810:4fa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.disquscdn.com/next/embed/lounge.bundle.24cead898f86515a9757ee11b7b34eb3.js Requested by Host: bankinfosecurity.disqus.com URL: https://bankinfosecurity.disqus.com/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers date Tue, 31 Mar 2020 15:00:29 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 67893 cf-ray 57caf0b3fdaed6c5-FRA status 200 vary Accept-Encoding content-length 110812 x-xss-protection 1; mode=block last-modified Mon, 30 Mar 2020 17:53:20 GMT server cloudflare etag "5e823210-1b0dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubdomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public, immutable, no-transform accept-ranges bytes timing-allow-origin * expires Tue, 30 Mar 2021 20:08:54 GMT
GET H/1.1	200 OK	config.js disqus.com/next/	0 6 KB	274ms 18ms	Other application/javascript	151.101.0.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://disqus.com/next/config.js Requested by Host: bankinfosecurity.disqus.com URL: https://bankinfosecurity.disqus.com/embed.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers Timing-Allow-Origin * Date Tue, 31 Mar 2020 15:00:29 GMT X-Content-Type-Options nosniff Server nginx Age 39 X-Frame-Options SAMEORIGIN Connection keep-alive p3p CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Access-Control-Allow-Origin * Cache-Control public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60 Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=UTF-8 Content-Length 5816 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	/ disqus.com/embed/comments/ Frame 1DB5	0 0	160ms 125ms	Document text/html	151.101.0.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&t_d=Hijacked%20Routers%20Steering%20Users%20to%20Malicious%20COVID-19%20Sites&t_t=Hijacked%20Routers%20Steering%20Users%20to%20Malicious%20COVID-19%20Sites&s_o=default Requested by Host: bankinfosecurity.disqus.com URL: https://bankinfosecurity.disqus.com/embed.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host disqus.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Response headers Server nginx Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com Link <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch Cache-Control stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5 p3p CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Timing-Allow-Origin * X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Type text/html; charset=utf-8 Last-Modified Fri, 27 Mar 2020 15:08:22 GMT ETag W/"lounge:view:7937317670.fbc5fed55645f9da27b7ac4b92119758.2" Content-Encoding gzip Content-Length 2671 Date Tue, 31 Mar 2020 15:00:29 GMT Age 8 Connection keep-alive Vary Accept-Encoding Strict-Transport-Security max-age=300; includeSubdomains
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	131 KB 13 KB	164ms 164ms	XHR text/plain	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=374133468699695&correlator=2951347906364176&output=ldjh&impl=fifs&adsid=NT&eid=21064366%2C21065390%2C21065735&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200331&iu_parts=4444691%2CBIS_TOP_728x90%2CBIS_MID_RB_300x250%2CBIS_MID_RB_2_300x250%2CBIS_MID_RB_3_300x250%2CBIS_MID_RB_300x600%2CBIS_MID_L_180x150%2CBIS_MID_R_180x150%2CBIS_MID2_L_180x150%2CBIS_MID2_R_180x150%2CBIS_TEXT_1%2CBIS_TEXT_2%2CBIS_BOTTOM_728x90%2CBIS_MID_728x90%2CBIS_Interstitial%2CBIS_TOP_320x50%2CBIS_BOTTOM_320x50%2CBIS_MID_320x50%2CBIS_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B497%252C416%252C506%252C409%252C410%252C93%252C465%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1585666829&dt=1585666829971&dlt=1585666826348&idt=3600&frm=20&biw=1585&bih=1200&oid=3&adxs=608%2C1018%2C1018%2C-9%2C1003%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C587%2C3985%2C-9%2C2178%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C4385%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=606436291%2C592806581%2C4037182823%2C700692632%2C585369811%2C2214922354%2C1142555781%2C3687202745%2C1536889060%2C1397140349%2C824892936%2C1158310571%2C1554130010%2C3082656849%2C1657167512%2C3519266287%2C3120678580%2C3463778582&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&dssz=71&icsg=824633469695&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1585x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x4022&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1555x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x64&ga_vid=1187881504.1585666830&ga_sid=1585666830&ga_hid=2076495057&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C644%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1585%2C0%2C0%2C0%2C0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash 7844899cc700e950a0e440119f6a5e75437d34b5054d17b81e8879c642304288 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 31 Mar 2020 15:00:30 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 12243 x-xss-protection 0 google-lineitem-id 5306369483,5301120422,5301120422,5306369483,5306369483,-2,-2,-2,-2,-2,-2,5306369483,5301120422,5317949205,-2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138307387065,138303680626,138303269328,138307386885,138303639696,-2,-2,-2,-2,-2,-2,138307387272,138303319436,138305107121,-2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bankinfosecurity.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020032302.js Show response securepubads.g.doubleclick.net/gpt/	67 KB 25 KB	55ms 55ms	Script text/javascript	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software sffe / Resource Hash a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:30 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 23 Mar 2020 17:22:36 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 25234 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	10ms 10ms	Other text/html	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame F05D	200 KB 55 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame F05D	200 KB 55 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame F05D	92 KB 28 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET DATA	200 OK	truncated / Frame F05D	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f19c4e619e54bee4cc0378d2fb4c1362e0550a9680fa21b9d436720f9effc14 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-host-v0.js Show response cdn.ampproject.org/rtv/012003101714470/	20 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-host-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6415 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 7178 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:13:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9d3d923337ef7e9b" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:13:35 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 3D28	200 KB 55 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 3D28	200 KB 55 KB	10ms 5ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame 3D28	92 KB 28 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET DATA	200 OK	truncated / Frame 3D28	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 519fa59b14fe4820e4c2c661b324abff932828ab5747d288fd7bcd504b5697dd Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 8360	200 KB 55 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 8360	200 KB 55 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame 8360	92 KB 28 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET DATA	200 OK	truncated / Frame 8360	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e06b3d52f07f5f861fcbe919130889de1aa2458bd0ea15200a5780e91a45c33a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	8097704371802300227 tpc.googlesyndication.com/simgad/ Frame F05D	31 KB 31 KB	7ms 6ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8097704371802300227 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7ae06de7f6eb25d9f3f1eef277adfdcd1c559177daf98de2fd3f0606fc73ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 20:48:30 GMT x-content-type-options nosniff age 324720 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 31937 x-xss-protection 0 last-modified Fri, 27 Mar 2020 19:58:38 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Mar 2021 20:48:30 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame F05D	0 309 B	33ms 32ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8pKme3z0GHNX9HaYIHG2vDZl0dxc6rE3gD76D39e6mMw8OnFgBOSD6kIPWDSktmeMWwJ-57nTlDDPkU9ihLIWdxKxVyuQdc14YrKo7gAVFQPiUheO7MuX2H4VfL1MZLBJpba4_nVuar0553xpe7hIy5ZjC436H_MeseUhTCE5GDC0uy0VEiY4bhkCQip8XJvmK0GLBzx0-foZ4TnTQ21rYa9wiOdaWxZCc_3a7Z1PSM80aDKWbUzxHzvyzEabntvPog48cw9wUR4zCTuJku4&sai=AMfl-YRi_S6nVuL9YPf86L-vrrOA4WczCQV8eEGZDvcievlIgP5BZx7POTPZ7nJb680OhS32ZUmhhltWQDHqwT7DaCSEBgnF9O_VgWl37GnPGA&sig=Cg0ArKJSzDbMPtgZpsh1EAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	12054981889413655668 tpc.googlesyndication.com/simgad/ Frame 3D28	161 KB 161 KB	8ms 8ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12054981889413655668 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2cd1f8be0e57181c86cbe42bf87d2076ba7ef78ab2b49bf17e4f225850cee6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 02:20:40 GMT x-content-type-options nosniff age 45590 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 164373 x-xss-protection 0 last-modified Thu, 30 Jan 2020 16:42:48 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 02:20:40 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 3D28	0 289 B	34ms 33ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlBLk9pA5DIA3OYrp-Lq7YxdoGTPpF61Y6FNcekucLNLFGZd5dcKRdy15VlHi_gKUHwuTPA9BV-WgDXUyGKuGCabZiEvrMHzXW9tPpN91gk-ESMcc4gN1kzVePwIXuxg_IGNX29K-OpyJVa6F-FwCmAS-QtQcm9uD-W0F2g9lPDbQO0IyGY1Q1gjIWMHM1XDfV2vm6TGjmb7MhsjQW3eAg0wBCmHOh_2EoQRZGxULVoEZQUiQqhrYBNYuoYU7Mwbh6b4-4_XZO8tKHOSVWs3lGJTXz&sai=AMfl-YSI5MczkFxd_x_KxnxhzF3nkczRE_ZbaISzkadUINzJ-b9EjiVABVvjI0X5K00rdIQdPPQx7GWxgqnTbw1ryWjmViF3Z0G0O198bNxfig&sig=Cg0ArKJSzBmsWHCNMdE7EAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	12054981889413655668 tpc.googlesyndication.com/simgad/ Frame 8360	161 KB 161 KB	10ms 10ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12054981889413655668 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2cd1f8be0e57181c86cbe42bf87d2076ba7ef78ab2b49bf17e4f225850cee6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 02:20:40 GMT x-content-type-options nosniff age 45590 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 164373 x-xss-protection 0 last-modified Thu, 30 Jan 2020 16:42:48 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 02:20:40 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 8360	0 290 B	34ms 33ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPK-WuFq898fXym3-1jXaVyBUR0OtGsrti2_ujxVeqWGGoGx9eYwfB0myePOioW7rXML5y0yziIqjQVRTCHH-AaC4kNcdFygtwlFkdFvU1DuKTrDn1o23hOPs03DAKtOVQ7RSmMxPaQ1do6n0U4qniiyCL_vwo1n3RkaGulfPYEaR6MSrZWRGjxmFt58opeEvUk-RRpIOGX--XEqKqkbcgp44tRUH1bNMEnwBLVkfbSSJijpt6TRSAK4c24c3MO41yCYJ8nje2aoitykiov3KPkZ-3vM4&sai=AMfl-YTwyTjBkZkFJgc6pf6rtEEib84idqOLi0gAjp-XR6afmM8lFDGJVRxgZs7EBS2IEGVw7YYILUPuWDriZvvRhqGZiokyCC-r45ZRK2_-Qw&sig=Cg0ArKJSzD6P0BOPQOudEAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame A933	200 KB 55 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame A933	200 KB 55 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame A933	92 KB 28 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET DATA	200 OK	truncated / Frame A933	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 21d40a63a7ce3a8076d763988e6aeb363eff0566c934578d2cf3be955ce4bcd5 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 2831	200 KB 55 KB	9ms 3ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 2831	200 KB 55 KB	14ms 8ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame 2831	92 KB 28 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET H2	200	8097704371802300227 tpc.googlesyndication.com/simgad/ Frame 2831	31 KB 31 KB	12ms 6ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8097704371802300227 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7ae06de7f6eb25d9f3f1eef277adfdcd1c559177daf98de2fd3f0606fc73ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 20:48:30 GMT x-content-type-options nosniff age 324720 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 31937 x-xss-protection 0 last-modified Fri, 27 Mar 2020 19:58:38 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Mar 2021 20:48:30 GMT
GET DATA	200 OK	truncated / Frame 2831	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ae043074210d499724923b35c640328c3febabbe022e822def6a37a29d5ee16a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 8459	200 KB 55 KB	11ms 9ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012003101714470/ Frame 8459	200 KB 55 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6725 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 55811 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:08:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "789295de90cb321e" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:08:25 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012003101714470/v0/ Frame 8459	92 KB 28 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 6664 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28328 x-xss-protection 0 server sffe date Tue, 31 Mar 2020 13:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f4788313c10056ed" accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 13:09:26 GMT
GET H2	200	713737757822001072 tpc.googlesyndication.com/simgad/ Frame A933	44 KB 45 KB	13ms 7ms	Image image/jpeg	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/713737757822001072 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e100268f8f83bfb184ba2ad4feb278311aede978c543c33fcb2748d6383dce2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 13:07:47 GMT x-content-type-options nosniff age 265963 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 45429 x-xss-protection 0 last-modified Wed, 19 Feb 2020 17:41:38 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Mar 2021 13:07:47 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame A933	0 290 B	33ms 32ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss14FEqk3IP540sOklY-hg1msRCBq_PsEE0oysGdmD4zi2Y7bWCaDaF7izrIfv1U7ZTRVhbZMmByUdAa5jMEkdN4F-PqtlQ6E-ebFyFeQUP22kUOhhhU5oRcJvPC-jBpp0nmGdFvkjEShDxyndNOIVTh_UWK9g9bPvl1L-TJsBISm5PhzBP97k8d_WbNKguEOuEtoAKeftt2DqH2ja9QEh3kjYT186tkmGgOV9r_GBrDBM7olws4LBM9YtpfXITVinqhrJTUSGoX4JjeBeEtIUADJbn&sai=AMfl-YQDQ4biL_YoSw930MIvNl48jRn5z6OWEvILJOhxpjqciTptLnqf9LuMBP6IlO0_pg5uFFlITbj4vMHFg5OsCAXpPNTVyKlD4w-hSbrnQA&sig=Cg0ArKJSzMAFPCcxae2VEAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 2831	0 281 B	35ms 34ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd7H512UDTOPUIQeo0PVfSkA-G6qUL2N9q2Abmwqdp6wbd-dzdSha74jonVblc4tf0wkag1pxTMymgVE0I4MlM8G80Imc99X4O_fBbXKve29aPhOTTyUa_hbGwrHw0_RHiI1DM-CYsmBCsq1uinxrzUIJPiJfAnFMwM96YksRX_vbCmy_1biTIt7uM9zTS1hN8SPnRI58dyAOa5zDJERCQEWEnvPPiw4PjjkO33RFq1tXQiHspmrvi0N9AjVOAyQu1Z9QkZcx2GiFCijj1h6FKQm0&sai=AMfl-YSjA_RPPvdA-NQcBwrn4auZEzOgI_Ow0NIoJPtLZ7R6dKMMhLXxm-QepTdl7cRT08bZOdz5WO1m0IDtT5uG22U59mSSp_NzuRSggPGrcw&sig=Cg0ArKJSzImpqDzjT7pAEAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	13610648135486597254 tpc.googlesyndication.com/simgad/ Frame 8459	58 KB 58 KB	13ms 8ms	Image image/jpeg	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13610648135486597254 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acf1e823530a498e173971fd5dde3285bd3ed7623564629fc0067d897121b7a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 30 Mar 2020 02:34:19 GMT x-content-type-options nosniff age 131171 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 59179 x-xss-protection 0 last-modified Tue, 03 Mar 2020 16:14:15 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 30 Mar 2021 02:34:19 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 8459	0 281 B	36ms 35ms	Image image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTZIu5yJ22pQVetk4At3Fg9b4m4ta99py1rOZ3-xWzK9sZHjfrBrxw3lP6L6Jq4X616f19doZY2ueBqeL5QdF8k-QBEydhGD2Ngs2rYwC6ZZVOSIhrBbb-_uzEocrPNQuNBwzxIHx8KsRa9AaGDh-XU9ku4MeQho7gQ95McmBjlprFwI-nc7GNdIz6G0V62Tpt_toq-t3Di4GWVafoeHO2DMpfbfxj98JSV-D4lGTUlQ-lbG6vQUp3pOai3nXmCEr8FHS2rM22rGdzciIHKuM-NA&sai=AMfl-YQwyRjEdVGMADeIsf3bv_t7EcNScIK8gwhJIdyXkDilBsL0LsiLalsTdV-gtnMHyJmlwkbxEPBQgGE8gOMAzWu8coCx45KKmaqXOvG1VA&sig=Cg0ArKJSzHa3T8dX8LjjEAE&adurl= Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 15:00:30 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:30 GMT
GET H2	200	8097704371802300227 tpc.googlesyndication.com/simgad/ Frame F05D	31 KB 31 KB	7ms 6ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8097704371802300227 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7ae06de7f6eb25d9f3f1eef277adfdcd1c559177daf98de2fd3f0606fc73ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 20:48:30 GMT x-content-type-options nosniff age 324720 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 31937 x-xss-protection 0 last-modified Fri, 27 Mar 2020 19:58:38 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Mar 2021 20:48:30 GMT
GET H2	200	12054981889413655668 tpc.googlesyndication.com/simgad/ Frame 3D28	161 KB 161 KB	11ms 9ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12054981889413655668 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2cd1f8be0e57181c86cbe42bf87d2076ba7ef78ab2b49bf17e4f225850cee6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 02:20:40 GMT x-content-type-options nosniff age 45590 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 164373 x-xss-protection 0 last-modified Thu, 30 Jan 2020 16:42:48 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 02:20:40 GMT
GET H2	200	12054981889413655668 tpc.googlesyndication.com/simgad/ Frame 8360	161 KB 161 KB	7ms 6ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12054981889413655668 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2cd1f8be0e57181c86cbe42bf87d2076ba7ef78ab2b49bf17e4f225850cee6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 31 Mar 2020 02:20:40 GMT x-content-type-options nosniff age 45590 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 164373 x-xss-protection 0 last-modified Thu, 30 Jan 2020 16:42:48 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Mar 2021 02:20:40 GMT
GET H2	200	713737757822001072 tpc.googlesyndication.com/simgad/ Frame A933	44 KB 44 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/713737757822001072 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e100268f8f83bfb184ba2ad4feb278311aede978c543c33fcb2748d6383dce2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 13:07:47 GMT x-content-type-options nosniff age 265963 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 45429 x-xss-protection 0 last-modified Wed, 19 Feb 2020 17:41:38 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Mar 2021 13:07:47 GMT
GET H2	200	8097704371802300227 tpc.googlesyndication.com/simgad/ Frame 2831	31 KB 31 KB	6ms 6ms	Image image/png	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8097704371802300227 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7ae06de7f6eb25d9f3f1eef277adfdcd1c559177daf98de2fd3f0606fc73ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 20:48:30 GMT x-content-type-options nosniff age 324720 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 31937 x-xss-protection 0 last-modified Fri, 27 Mar 2020 19:58:38 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Mar 2021 20:48:30 GMT
POST H/1.1	200 OK	ajax.php Show response www.bankinfosecurity.com/	5 B 500 B	157ms 156ms	XHR text/html	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/ajax.php?json=notificationCookies&action=getNotifications Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Request headers Accept */* Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com X-Requested-With XMLHttpRequest Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:30 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Transfer-Encoding chunked Connection Keep-Alive Keep-Alive timeout=5, max=95 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame F05D	42 B 110 B	16ms 16ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd1sWkvg52z5Fh-haWdygzd7pYSUgUtafv_t6qS6QINmFurwjmrzhrU0t5of8IIvSrL8swfj3cDYw92KNiyR7do-vutkG8oUIyXqGgAhU&sig=Cg0ArKJSzLn-3Eu7b8MLEAE&id=ampim&o=629,71&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=166&tls=1166&g=100&h=100&tt=1166&r=v&adk=606436291&avms=ampa Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:31 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 3D28	42 B 110 B	15ms 15ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDXqUoZGvnehJFVax39oXQl1iNiocXu4-Ju79g_MqtQkcwSCus_x264ABt_C4u1dgKoR4sQOSCJ6p5A-kET--M-w1rMc0DO7f1I7qDFCE&sig=Cg0ArKJSzEtPLA_tYouQEAE&id=ampim&o=1033,587&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=132&tls=1132&g=100&h=100&tt=1132&r=v&adk=592806581&avms=ampa Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:31 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	utsync.ashx Show response ml314.com/	733 B 1 KB	39ms 38ms	Script application/javascript	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&pv=1585666831791_r49valic4&bl=en-us&cb=1844914&return=&ht=&d=&dc=&si=1585666831791_r49valic4&cid=&s=1600x1200&rp= Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3122020 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b9a6b09d6861e145f9f348ef8a207a51d6b29d2be6fcc2e70d8dd8c08ed1278e Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:31 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 501 Expires 0
GET H/1.1	200 OK	ud.ashx Show response in.ml314.com/	20 B 481 B	1245ms 188ms	Script application/javascript	52.44.39.89 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.ml314.com/ud.ashx?topiclimit=&cb=3122020 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3122020 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.44.39.89 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-44-39-89.compute-1.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:32 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public Connection keep-alive Content-Length 138 Expires Wed, 01 Apr 2020 15:00:32 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://tags.bluekai.com/site/20486?limit=0&id=3609249039358885954&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3609249039358885954%26eid=50056 https://ml314.com/csync.ashx?fp=H7T01999999DYTBK&person_id=3609249039358885954&eid=50056	43 B 312 B	37ms 37ms	Image image/gif	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=H7T01999999DYTBK&person_id=3609249039358885954&eid=50056 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:34 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Wed, 01 Apr 2020 11:00:34 GMT Redirect headers Location https://ml314.com/csync.ashx?fp=H7T01999999DYTBK&person_id=3609249039358885954&eid=50056 Date Tue, 31 Mar 2020 15:00:34 GMT Connection keep-alive Content-Length 0 BK-Server a221 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://idsync.rlcdn.com/395886.gif?partner_uid=3609249039358885954 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwOTI0OTAzOTM1ODg4NTk1NBAAGg0Ij7aN9AUSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=6ad855929243f8ec9883d35728ec5678e168fbf5049f541ef9955d0c3092fcf7f4cb09cee1a4f8eb&person_id=3609249039358885954&eid=50082	43 B 312 B	38ms 37ms	Image image/gif	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=6ad855929243f8ec9883d35728ec5678e168fbf5049f541ef9955d0c3092fcf7f4cb09cee1a4f8eb&person_id=3609249039358885954&eid=50082 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:31 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Wed, 01 Apr 2020 11:00:32 GMT Redirect headers date Tue, 31 Mar 2020 15:00:32 GMT via 1.1 google location https://ml314.com/csync.ashx?fp=6ad855929243f8ec9883d35728ec5678e168fbf5049f541ef9955d0c3092fcf7f4cb09cee1a4f8eb&person_id=3609249039358885954&eid=50082 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 307 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://ml314.com/utsync.ashx?eid=53819&et=0&fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc https://ml314.com/csync.ashx?fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc&person_id=3609249039358885954&eid=53819	43 B 312 B	37ms 37ms	Image image/gif	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc&person_id=3609249039358885954&eid=53819 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:31 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Wed, 01 Apr 2020 11:00:31 GMT Redirect headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:31 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Location https://ml314.com/csync.ashx?fp=cea81d2b-c8d7-41ea-a3d1-d6883b9618fc&person_id=3609249039358885954&eid=53819 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Wed, 01 Apr 2020 11:00:31 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609249039358885954 https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609249039358885954 https://ml314.com/csync.ashx?fp=54e07b7f4caff634ba9d0d64c08164c0&eid=50146&person_id=3609249039358885954	43 B 312 B	38ms 38ms	Image image/gif	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=54e07b7f4caff634ba9d0d64c08164c0&eid=50146&person_id=3609249039358885954 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:33 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Wed, 01 Apr 2020 11:00:34 GMT Redirect headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:34 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Location https://ml314.com/csync.ashx?fp=54e07b7f4caff634ba9d0d64c08164c0&eid=50146&person_id=3609249039358885954 Cache-Control no-cache X-Server 10.45.12.202 Connection keep-alive Content-Length 0 Expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2786_sSKDI5CtcrgS0F7zgxRchPe-dkyeYsz9bCOx8ho&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil https://ml314.com/csync.ashx?fp=2786_sSKDI5CtcrgS0F7zgxRchPe-dkyeYsz9bCOx8ho&person_id=3609249039358885954&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil https://ps.eyeota.net/match?bid=r8hrb20&uid=nil	70 B 440 B	45ms 44ms	Image image/gif	3.120.214.218 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=r8hrb20&uid=nil Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-214-218.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 15:00:33 GMT P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Content-Length 70 Content-Type image/gif Redirect headers Date Tue, 31 Mar 2020 15:00:32 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type text/html; charset=utf-8 Location https://ps.eyeota.net/match?bid=r8hrb20&uid=nil Cache-Control private Connection keep-alive Content-Length 168 Expires Wed, 01 Apr 2020 11:00:33 GMT
GET H/1.1	200 OK	livechat.ashx Show response hostedmax.comm100.com/chatserver/	997 B 821 B	650ms 159ms	Script application/x-javascript	64.69.81.182 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://hostedmax.comm100.com/chatserver/livechat.ashx?siteId=92035 Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.69.81.182 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash eac40f1a7c2dff8d10a4461024f0bce8d88ee5896960d48e8a2418b085f622bb Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:09 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store Content-Length 519
GET H2	200	bundle.099e61e16efedea507ca37360f78f15f.js Show response standby.comm100vue.com/js/ Frame E84C	1002 KB 328 KB	42ms 42ms	Script application/javascript	2606:4700:10::6816:941 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://standby.comm100vue.com/js/bundle.099e61e16efedea507ca37360f78f15f.js Requested by Host: hostedmax.comm100.com URL: https://hostedmax.comm100.com/chatserver/livechat.ashx?siteId=92035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:941 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0a076a70f1f327ba3be434082c06613f8fe53c89e79ab12f524ff0b662c3043f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 11 Dec 2019 21:20:34 GMT server cloudflare age 4600609 x-powered-by ASP.NET etag "03dfad268b0d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000 cf-ray 57caf0cb68f1175e-FRA access-control-allow-origin *
POST H2	200	visitor.ashx Show response chatserver3.comm100.com/ Frame E84C	996 B 992 B	204ms 189ms	XHR text/json	104.20.5.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chatserver3.comm100.com/visitor.ashx?siteId=92035 Requested by Host: standby.comm100vue.com URL: https://standby.comm100vue.com/js/bundle.099e61e16efedea507ca37360f78f15f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 43e83158d97ef3ea049cc7c9887aa4d3b2972d943f1ce4cfd7d334d28bfdedcb Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status DYNAMIC x-aspnet-version 4.0.30319 x-powered-by ASP.NET p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 content-length 546 x-robots-tag noindex, nofollow server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/json; charset=utf-8 access-control-allow-origin https://www.bankinfosecurity.com cache-control private access-control-allow-credentials true cf-ray 57caf0cc4fcec78d-AMS access-control-allow-headers Content-type,api-key,Authorization,X-Requested-With
POST H2	200	visitor.ashx Show response chatserver3.comm100.com/ Frame E84C	999 B 731 B	209ms 209ms	XHR text/json	104.20.5.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chatserver3.comm100.com/visitor.ashx?siteId=92035 Requested by Host: standby.comm100vue.com URL: https://standby.comm100vue.com/js/bundle.099e61e16efedea507ca37360f78f15f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 242799a20c7f08876dd7aa64c80f7c45f31dde812cdd42f720dca026c2e21c60 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status DYNAMIC x-aspnet-version 4.0.30319 x-powered-by ASP.NET p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 content-length 575 x-robots-tag noindex, nofollow server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/json; charset=utf-8 access-control-allow-origin https://www.bankinfosecurity.com cache-control private access-control-allow-credentials true cf-ray 57caf0cd7b81c78d-AMS access-control-allow-headers Content-type,api-key,Authorization,X-Requested-With
GET H2	200	bundle.099e61e16efedea507ca37360f78f15f.js Show response vue.comm100.com/js/ Frame 9CF3	1002 KB 243 KB	26ms 25ms	Script application/javascript	104.20.5.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js Requested by Host: vue.comm100.com URL: https://vue.comm100.com/livechat.ashx?siteId=92035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0a076a70f1f327ba3be434082c06613f8fe53c89e79ab12f524ff0b662c3043f Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status HIT age 7564237 x-powered-by ASP.NET status 200 content-length 248215 last-modified Wed, 11 Dec 2019 21:20:34 GMT server cloudflare etag "03dfad268b0d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 57caf0ce1cefc78d-AMS
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/157/	9 KB 5 KB	23ms 22ms	Script application/x-javascript	88.221.60.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/157/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-60-75.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 640a401ef807204873f6f29f1825bf7400035432bdfd51361edc487d17099df0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:33 GMT Content-Encoding gzip Last-Modified Fri, 01 Nov 2019 01:52:19 GMT Server Apache ETag "8b51a976b2f24b5c747cd9dff2d593ed:1572573139" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 4265 Expires Thu, 09 Jul 2020 15:00:33 GMT
GET H2	200	campaign.ashx Show response chatserver3.comm100.com/ Frame E84C	6 KB 3 KB	236ms 194ms	XHR text/json	104.20.5.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chatserver3.comm100.com/campaign.ashx?siteId=92035&campaignId=1275&lastUpdateTime=75567E86D28614B61879350BF24B10CF3D5F2F97D558627059BACCEACEA691D0 Requested by Host: standby.comm100vue.com URL: https://standby.comm100vue.com/js/bundle.099e61e16efedea507ca37360f78f15f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 31 Mar 2020 15:00:33 GMT content-encoding gzip cf-cache-status DYNAMIC x-aspnet-version 4.0.30319 x-powered-by ASP.NET cf-ray 57caf0cf0f87c78d-AMS status 200 content-length 2617 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/json; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag noindex, nofollow access-control-allow-headers Content-type,api-key,Authorization,X-Requested-With
GET H/1.1	200 OK	visitWebPage Show response 051-zxi-237.mktoresp.com/webevents/	2 B 304 B	648ms 169ms	XHR text/plain	192.28.147.68 MARKETO
General Check archive.org Show headers Download Go to Full URL https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1585666833725&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1585666833725-31777&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchRu=%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&_mchPc=https%3A&_mchVr=157&_mchEcid=&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/157/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.28.147.68 , United States, ASN53580 (MARKETO, US), Reverse DNS Software akka-http/10.1.10 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 31 Mar 2020 15:00:34 GMT Content-Encoding gzip Server akka-http/10.1.10 Transfer-Encoding chunked X-Request-Id 3ff91a4e-fd7f-41ce-8c12-15fb389de110 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	visitWebPage Show response 051-zxi-237.mktoresp.com/webevents/	2 B 304 B	813ms 165ms	XHR text/plain	192.28.147.68 MARKETO
General Check archive.org Show headers Download Go to Full URL https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1585666833726&_mchRu=%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022&_mchQp=cat%3D497%26cat%3D416%26cat%3D506%26cat%3D409%26cat%3D410%26cat%3D93%26cat%3D465%26assetID%3D14022%26assetType%3Darticle%26key%3Dcoronavirus%26key%3Drouters%26key%3Dcybersecurity%26key%3Dbitdefender%26key%3Dmark%20warner%26key%3Ddns%20hijacking%26key%3Dmalware%26key%3Dinfostealer%26key%3Doski%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1585666833725-31777&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchPc=https%3A&_mchVr=157&_mchEcid=&_mchRe=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/157/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.28.147.68 , United States, ASN53580 (MARKETO, US), Reverse DNS Software akka-http/10.1.10 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 31 Mar 2020 15:00:34 GMT Content-Encoding gzip Server akka-http/10.1.10 Transfer-Encoding chunked X-Request-Id cd234ea1-cf23-4902-8beb-7188ace7da0e Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	bis-hdr.desktop.r2.js Show response www.bankinfosecurity.com/javascripts-responsive/	2 KB 906 B	137ms 137ms	Script application/javascript	50.56.167.254 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.desktop.r2.js Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US), Reverse DNS Software Apache / Resource Hash a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:34 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, private, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 595
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 5 KB	27ms 27ms	XHR application/json	2a00:1450:4001:814::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032302&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 790228fd8424dfc453e171da2c465713345eb81284bcf96d971348483b2d0fd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Origin https://www.bankinfosecurity.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Tue, 31 Mar 2020 15:00:34 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5200 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 8459	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e31cf38b827f0bace0f8188fcedcec54c417490d2cf071984abe98ef482684a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	up.js Show response cdn01.basis.net/assets/	1 KB 919 B	95ms 31ms	Script application/javascript	178.79.227.167 LLNW
General Check archive.org Show headers Download Go to Full URL https://cdn01.basis.net/assets/up.js?um=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.79.227.167 , Italy, ASN22822 (LLNW, US), Reverse DNS https-178-79-227-167.vie.llnw.net Software AC1.1 / Resource Hash 6d810862e66c6beb7963f98524bee4231cd6ae1a41a2c8389ea49c31976180f8 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:34 GMT content-encoding gzip last-modified Wed, 13 Nov 2019 19:28:15 GMT server AC1.1 age 115092 vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 737
GET H/1.1	204 No Content	64ead273d1f41aa7 pixel.sitescout.com/iap/ Redirect Chain https://pixel-a.basis.net/iap/64ead273d1f41aa7 https://pixel.sitescout.com/iap/64ead273d1f41aa7	0 248 B	163ms 25ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/64ead273d1f41aa7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:35 GMT Cache-Control max-age=0,no-cache,no-store Expires Tue, 11 Oct 1977 12:34:56 GMT Server AC1.1 P3P CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" Redirect headers Location https://pixel.sitescout.com/iap/64ead273d1f41aa7 Content-length 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 31 Mar 2020 15:00:34 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5456 x-xss-protection 0 expires Tue, 31 Mar 2020 15:00:34 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame 75A4	0 0	6ms 6ms	Document text/html	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Tue, 31 Mar 2020 14:21:27 GMT expires Wed, 31 Mar 2021 14:21:27 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2347 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H/1.1	204	asyncPixelSync pixel.sitescout.com/dmp/ Frame A5A8	0 0	1133ms 25ms	Document text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://pixel.sitescout.com/dmp/asyncPixelSync Requested by Host: www.bankinfosecurity.com URL: https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash Request headers Host pixel.sitescout.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Response headers Cache-Control max-age=0,no-cache,no-store Pragma no-cache Expires Tue, 11 Oct 1977 12:34:56 GMT P3P CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" Date Tue, 31 Mar 2020 15:00:35 GMT Server AC1.1
GET H/1.1	200 OK	dabbb58b17f5118e pixel.sitescout.com/up/	43 B 328 B	1163ms 28ms	Image image/gif	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Pragma no-cache Date Tue, 31 Mar 2020 15:00:35 GMT Server AC1.1 P3P CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" Cache-Control max-age=0,no-cache,no-store Content-Type image/gif Content-Length 43 Expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 58 B	16ms 15ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032302&jk=374133468699695&bg=!uLulu6NYv32Kzn-mZ5cCAAAAPVIAAAAMmQFkSk4ISI8eioQ7HRsTzxqUGhPvfhXrVNz9aO1BvzVdbKEEP9ATJcNGqjlTu_0lH5L4tQRbuXPRxwAhEdMRKuJJXCI7Xqimdv_Ero5eLco7LzFm9MWOI25B3MiDTBsPiMFGahtjsIgo1SBe8B3E1gKvdIwE0Rwct0KgoZG2JfMkXtvTnLAk-jHzFJ4qUgk5bPS28ItIy25mIxDyAUxPspbuZy8_0lH-f7YnppjcolUBCXVRqUJwNyA_6DVocE3zKuGaxKxraLWQFnQdq3V5yVlbdhecyN1fr0dxyqv624QZ2HpOS6IV-QzfiGR08gGk6oXPMWTdAgPfoCd09subtxVxQ7vJUGezMY4nHYSVt2qzEveuXTRJ0dGGYL5yTNnJ7jxuWEymxIoVaLlZNsU0ygJ6bUVOxTN5SPw-ghYPCSzKeywclHhriVpptNWEzI9FrddmlYz4x9cjbTmVZ-YJTHY6udeBBrE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:34 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 8459	42 B 110 B	15ms 14ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLyH7W-qSCbGKu6s8xE3lxgTIV80bpmKTJJf2DeswaWTNCxdkxWqUZzF51hVQIDfqW9dURyiIRnIIahI_US4eESTl2Ey9FO4jEhSt35mQ&sig=Cg0ArKJSzMe4FJqOCgw5EAE&id=ampim&o=0,0&d=640,480&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=4401&tls=5401&g=100&h=100&tt=5401&r=v&adk=3082656849&avms=ampa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 31 Mar 2020 15:00:35 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	imsync.ashx Show response ml314.com/	17 B 427 B	38ms 37ms	Script text/html	52.49.96.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/imsync.ashx?pi=3609249039358885954&data=eyJwaCI6NjA1Mywid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNTg1NjY2ODMxNzkxX3I0OXZhbGljNCIsInNkIjoxMjAwfQ%3D%3D Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3122020 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.96.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-96-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea Request headers Referer https://www.bankinfosecurity.com/hijacked-routers-steering-users-to-malicious-covid-19-sites-a-14022 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 15:00:46 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control private Connection keep-alive Content-Length 135

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com

URL

https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4