urlscan.io logo urlscan.io
SecurityTrails logo

www.zdnet.com Open in urlscan Pro
2a04:4e42:3::444  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Submission: On April 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 136 HTTP transactions. The main IP is 2a04:4e42:3::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.
This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 2a04:4e42:3::444 54113 (FASTLY)
6 152.195.132.202 15133 (EDGECAST)
1 2a04:4e42:1b:... 54113 (FASTLY)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.129.188 54113 (FASTLY)
14 172.217.22.66 15169 (GOOGLE)
1 34.102.213.242 15169 (GOOGLE)
12 72.247.226.64 16625 (AKAMAI-AS)
13 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 63.35.59.66 16509 (AMAZON-02)
2 52.215.85.82 16509 (AMAZON-02)
1 23.2.219.214 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:3::645 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2.16.106.58 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
136 23
43    2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY, US)
www.zdnet.com
zdnet4.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet1.cbsistatic.com
6    152.195.132.202 (United States)

ASN15133 (EDGECAST, US)
cdn.cookielaw.org
1    2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)
production-cmp.isgprivacy.cbsi.com
8    2a02:26f0:6c00:181::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
685d5b19.akstat.io
1    151.101.129.188 (United States)

ASN54113 (FASTLY, US)
at.cbsi.com
14    172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net
securepubads.g.doubleclick.net
1    34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com
urs.zdnet.com
12    72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
13    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
www.googletagservices.com
adservice.google.de
6    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
12    2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    63.35.59.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-59-66.eu-west-1.compute.amazonaws.com
mb.moatads.com
2    52.215.85.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-82.eu-west-1.compute.amazonaws.com
geo.moatads.com
1    23.2.219.214 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-219-214.deploy.static.akamaitechnologies.com
rev.cbsi.com
7    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY, US)
vidtech.cbsinteractive.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2.16.106.58 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-106-58.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net
1    2a02:26f0:6c00::210:ba19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
trial-eum-clienttons-s.akamaihd.net
1    2a02:26f0:6c00::210:ba13 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net
1    2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
684dd30a.akstat.io
Domain Requested by
14 securepubads.g.doubleclick.net zdnet4.cbsistatic.com
securepubads.g.doubleclick.net
www.zdnet.com
www.googletagservices.com
14 zdnet4.cbsistatic.com www.zdnet.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.zdnet.com
cdn.ampproject.org
tpc.googlesyndication.com
11 www.googletagservices.com www.zdnet.com
securepubads.g.doubleclick.net
rev.cbsi.com
11 zdnet3.cbsistatic.com www.zdnet.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
9 z.moatads.com zdnet4.cbsistatic.com
securepubads.g.doubleclick.net
8 zdnet2.cbsistatic.com www.zdnet.com
zdnet3.cbsistatic.com
7 cdn.ampproject.org securepubads.g.doubleclick.net
7 zdnet1.cbsistatic.com zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
6 cdn.cookielaw.org www.zdnet.com
cdn.cookielaw.org
5 685d5b19.akstat.io zdnet1.cbsistatic.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3 px.moatads.com www.zdnet.com
3 c.go-mpulse.net www.zdnet.com
c.go-mpulse.net
zdnet1.cbsistatic.com
3 www.zdnet.com zdnet3.cbsistatic.com
2 fonts.gstatic.com www.zdnet.com
2 geo.moatads.com z.moatads.com
2 adservice.google.com securepubads.g.doubleclick.net
www.googletagservices.com
1 684dd30a.akstat.io c.go-mpulse.net
1 fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 adservice.google.de www.googletagservices.com
1 vidtech.cbsinteractive.com zdnet2.cbsistatic.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 rev.cbsi.com www.zdnet.com
1 mb.moatads.com z.moatads.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 adservice.google.be securepubads.g.doubleclick.net
1 urs.zdnet.com zdnet2.cbsistatic.com
1 at.cbsi.com zdnet4.cbsistatic.com
1 production-cmp.isgprivacy.cbsi.com www.zdnet.com
136 33
Subject Issuer Validity Valid
*.zdnet.com
DigiCert SHA2 High Assurance Server CA		 2020-01-24 -
2021-06-18		 a year crt.sh
*.cbsistatic.com
DigiCert SHA2 High Assurance Server CA		 2019-02-22 -
2021-02-26		 2 years crt.sh
sa437gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2018-05-17 -
2020-08-19		 2 years crt.sh
*.isgprivacy.cbsi.com
DigiCert SHA2 High Assurance Server CA		 2019-10-07 -
2021-10-14		 2 years crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2019-04-16 -
2020-06-14		 a year crt.sh
*.at.cbsi.com
DigiCert SHA2 High Assurance Server CA		 2019-12-17 -
2021-12-21		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
*.google.be
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2018-03-12 -
2020-06-14		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.moatads.com
DigiCert SHA2 Secure Server CA		 2019-03-12 -
2021-06-10		 2 years crt.sh
www.cbs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-07-22		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
vidtech.cbsinteractive.com
DigiCert SHA2 High Assurance Server CA		 2018-12-13 -
2020-12-17		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2019-08-13 -
2020-08-12		 a year crt.sh

This page contains 13 frames:

Primary Page: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Frame ID: F12C8AD450905AA106F474228449A317
Requests: 87 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 1D342FFA1C1585968EB98ECC6F11F7F7
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUG2QIrF6J13rUKL4rSi9ksk8E9Lu1-b-0wlc8CzkAAeceJwuX9TfInpmLhIAnCRiJ9EEEtyKwQoP50tatjMFEcYSVOuWPnQGtAy5by2RxSzCF7Ku9HhemACNj-laZYqH2qlfCJ8i9uB7t5C2w3B-bqsSTXEkf94HRxnMm61iQaOuYhxohYjlijbJGAxO201ArtGm_XA6SbK3xkWeOtLXja9B7EnDCe4LjjAKiU1TNNYokYtbwhm9ZOYNnOzg8sMzWYmwMajep&sai=AMfl-YT9tFR62IJWHc6D4Pn6T-ZzrNqyu8gBIb_ZGaFzYIxynyo0DYIk47SZLkq-AIi32ofMnQpIvSkXh5duAUg_ItAMTpmKI2s_BwlGfsil&sig=Cg0ArKJSzJWirQk0IbeCEAE&urlfix=1&adurl=
Frame ID: C26F5273021472B5DDEA5B66FC2A239E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3Q4yf7t2wIz9fBLP2sBFSCGT_9qO8OvQlZve1NHfd3rzlcAp3g_aI3F0VsI4UgtbFRMZwD8pWsn0iLXvTv2z1a2F1fUDWA1MIePOE-BLJvEw5zjwx3RSQzoih4F6VFcGKqX7VP7vcvSDV1oeIftBgov5rLwxO9LlHJp-mfTXNFIC1zchmhqXcpoIJXo_h7EFOb_GIo1N5fJE-1qswcxMHR_KCxa61oREWstqI3_vh6gyqdpeBWoSzSNtUgPhK1lE0fJdl5IXZ&sai=AMfl-YQmC3R9daafeglP6piCGu6-TcKQEekCeJDkK2qH-relS3gI49gsld1tNstqmufZ-ekFPJE73lUf8L3BRRsgxK6KuZq1Thhk_97OxxzH&sig=Cg0ArKJSzBJnyC25wusGEAE&urlfix=1&adurl=
Frame ID: 634EF928D3A9DD137356410EF63109AD
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMrQas66Dt-78tFhrXQeIeBFooD0NQOaQN3kUrwI7VXwCACTuLSj2JEoIaO9jFPgxzDAHd2x_LKnDhRDDVW99BTzfcWH-d4OF1KEmJup7PvwhTKGtCKbnrS8UkLSs8GsNextXxbOCMpj6-GUybHO3ruMxRvkOqIuwvrTteVgVjU1GtrBEN0ZdZ1gMYVlvI--tTa3WQcCiXExsmdyhfGtNTVN1aHKAXAriL8147pTCBQ2sJbS-P9zpn2Z5irWawieo9Fdi_t-E4&sai=AMfl-YRmND7BjHbqLdtysm-zzyCKqHBE98zCcEUzvPUVwoYpOZMP68hMduRVLSQ4du-u34z_9Juq8YHO7u6ljIMKK6GG1jVq7NfMrDJNb7TU&sig=Cg0ArKJSzIg7-TrV7ZoSEAE&urlfix=1&adurl=
Frame ID: B583C6EEE3E4D5BF3A8764170134DF4D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy04T_UUygNqzAoyIGBUrf8-FIB-Hm6YxnUwFs9CqV9-To1u-ritQZgjuCZsvBgNVCWSDW6Vrw8dPns_J0IkTb32fkWVrMW9p6-B0u0egwwu0gf_PQzkbr41GGSS1F4xPLoyJtv50btY2l2AMkLOmGWmIOGi6sbVIOYO7Uib3GkzjoXOX4DI7bHiCkufOU7q5KIym9AftzyAwVPL1yGLim7BzsMUaX4dQwmP46zs3saRAMHvv7Dnd-zrr53g-rn0epDw8LNfPv&sai=AMfl-YSLBnrdV34ImIp6z792zZAvJiaNQfDjuaAeKPVF7vnvNg3G1GX88QPDx-NjFN8IP0Ul3R_bTbkePG2UzztFqJkOuCV7VyecZz9yJnPz&sig=Cg0ArKJSzO8mVGuysWF3EAE&urlfix=1&adurl=
Frame ID: D92B045AB4EB02B26EA582FD7544F457
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurZpLWWAU6WIr15VxFntEQbmO--70ONf7-MV5ZfBYQXeG26elUmJobedm1ohn2A4Edkyp739dZ9ICmgLegIkgPcYeCWidITsv2jbcCOss3DHDuBDpZ7uqouwJuM9o9vdkat92T8d_8F1t-YSwfkdFvtpc5nQbG68ofsVLdHcu3QRvF0w7qWFCa8ON2PznXjBPToo_UWZ2jIgGSizsqYdMsX1FsxmZmevjW63R4D4u6mgAZAkmNJlR_RBWSn8c7jIJ3QZZZTnjL&sai=AMfl-YRRozxxWBlBM5iWT5I8bB3Ikbkp1gVuu_xEMiWSkgqZjghO5NHJ6c8ed6DFR3ASzMNvQHg-IsRGU1KZ7hUfRXMWISM68PSKNkFnZzjC&sig=Cg0ArKJSzCHarGYIw74jEAE&urlfix=1&adurl=
Frame ID: 453ADB867C5E029A84CFD69AFEA9C95B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 74D91344FF7100AD0AAEE470DACE47FA
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur94zOqibzsyaSO7b_-Wv1PL8ZFfEYsjsH31rZ3g1ob5E7Jm7zHj79rpxE80p_IBE74rlJvKecu8dnhchSMXzuyW1gDByIJcLJUj7STzRduZ3CcUIrRiwg2xN_EPNkNCwUfTImcDTnZ-IszZzJhYt8v36U0pEExvmYYsZN3_MMF8ULk7ezMhlObCOacyWzux-lF1j6q2tcdITVbv9rqQw5EmTLvLEl24XvL6LJHpOjA6wy0caKDK6T-8eRwaU2VL20rDTPvJRP&sai=AMfl-YTGsmvQ2clsxhdFYbZ92CBOOm9sKeMCbKjxYZpT20xiuxNClNeYB1Uu3NmYGVYSonnkL010KSTL6BHCkNp-KHhPqz2n6ksmNe4SK5Z5&sig=Cg0ArKJSzJ6hKhi_xPjaEAE&urlfix=1&adurl=
Frame ID: E5F8B115A74111F8FA044FA6A2234F68
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnLtTA3CdWssqXIxp0o2zttPhCB-Ez-aniEnloTFxHkZDOHym7IJHAMocoX5ToxvQ7WytAsFhDONDBwm8uBiakyvraSrPSy3Om63KbYcmj7DdQkb1B0ZUD3_sATNogLBBLzEWKbsErD_rLs1r9oc2m1b0rnL4a-Wsl9SrA8Royy2nEruvY-H-Ak1moIWCfki07JAb_WsZDR4BkIH9kW-v4aKj85aJXkU6RISUDKu0MDJ3aZ2k1c299YSkK8CPx30HhsMGQnnmp&sai=AMfl-YSGpfsrKq4iRIH1QS_g8ECPLRBFZro5FXytLfY5mTaJlJPQ-dGaep_azV2qYxGX7LfK9Bt_tYlWeM0RBPzpQE-dofuJ0CwqowGnwNRa&sig=Cg0ArKJSzKSvpv2vp4hWEAE&urlfix=1&adurl=
Frame ID: 51ED9619F47DC180CE0E7278F4DB00E8
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlyTNG75fI3t_zT9pxOrQaCeBANITF-WAX3B0LxDx3OwSnb7Wu0j7qnvRifTfIl5m2QVAOltQ4lqn_X0LDsqaGGHpOh0tJ4Ba6mFNCPlUaSA_iJphLilNOn0R1piuSWTXLCHogQj4p5hNP-G4SXhKnsoprxN2MyX5s76Y1wzMfUSofqr5O-XbQIQ5uy8MBPeeZMP8DiSVNFAU-yWzBireyIeO_FRzLK_6PDvVzTTgoY3ce99lwF99nxHkEY5-psXyKJQKnHHIS&sai=AMfl-YRG7Bl_TOXusFS_K9nRdSVZW5GApD0302TXOKuAS8c-PwbmpniwzhkMamOErm_BK87IfgPC6aW8ZTGko4-QSf79NOltDCsG4UFgD-9U&sig=Cg0ArKJSzJUmewlR6aQHEAE&urlfix=1&adurl=
Frame ID: 8D279EDFC51FB1D2C9F5F420C6DCD30E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 530BA83C9EAF84B010402265E7828A2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A6A0B0FA44CAD36154C4493A3B9DC672
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

136
Requests

100 %
HTTPS

61 %
IPv6

19
Domains

33
Subdomains

23
IPs

5
Countries

3462 kB
Transfer

9358 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pubyz2i33 HTTP 302
  • https://kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 130
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pubyz2i33 HTTP 302
  • https://fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net/eum/results.txt

136 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/ 		512 KB
148 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1fe1c7104ecaac33f1e63108206e68e57ebba36ddc1c7019409f0bd7dfeb249
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.zdnet.com
:scheme
https
:path
/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
x-tx-id
f26c00de-7788-4451-a6a6-1a647fe51c4f
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expect-ct
max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
content-security-policy
frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://www.zdnet.com
content-encoding
gzip
set-cookie
nemo_highlander=share_bar:3:a; expires=Wed, 06-May-2020 14:00:00 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
date
Tue, 28 Apr 2020 14:16:15 GMT
cache-control
max-age=5400, private
expires
Tue, 28 Apr 2020 15:15:14 GMT
vary
Accept-Encoding, User-Agent
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
150580
main-6d8381d422-rev.css
zdnet4.cbsistatic.com/fly/2060-fly/css/core/ 		350 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/fly/2060-fly/css/core/main-6d8381d422-rev.css
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
17c871d09578495e31181c653c0366c6de030519cf9668ab2937766784cf8db5
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13260
status
200
vary
Accept-Encoding
content-length
64458
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:13:22 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea801c2-57894"
strict-transport-security
max-age=31536000
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 May 2020 10:35:15 GMT
controls-09a50ea065-rev.css
zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-09a50ea065-rev.css
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
1c14d3996c13263cfa324a4b2e97649877455eab114547ff5d8b168e10cb2c16
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13259
status
200
vary
Accept-Encoding
content-length
3740
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:13:33 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea801cd-4563"
strict-transport-security
max-age=31536000
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 May 2020 10:35:15 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AAA) /
Resource Hash
8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
content-md5
tGBfN8Dt0N9MQGOfm2RbWw==
age
5908
x-cache
HIT
status
200
content-length
3742
x-ms-lease-status
unlocked
last-modified
Fri, 24 Apr 2020 16:08:30 GMT
server
ECAcc (ama/8AAA)
etag
0x8D7E869BB210898
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9f696142-801e-0008-4359-1dc395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:16 GMT
optanon.js
production-cmp.isgprivacy.cbsi.com/dist/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d93d85e9887c861e43962220f8ae363c16197932c5ffa3620eb42bb3c216a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2763
x-cache
HIT
status
200
x-cache-hits
358
vary
Accept-Encoding
content-length
10074
x-xss-protection
1; mode=block
x-served-by
cache-hhn4042-HHN
access-control-allow-origin
*
last-modified
Tue, 31 Mar 2020 23:59:57 GMT
x-timer
S1588083376.064165,VS0,VE0
x-frame-options
SAMEORIGIN
etag
"b7a27fff8da8a3fc715c5003c0e1ea15"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
via
1.1 varnish
access-control-expose-headers
X-CDN
accept-ranges
bytes
x-amz-id-2
tUBcpSLx20qDvRxQwvHdTRMYN9R57WxJf6d2/WtGqdTgKUU/8tIX6XUf5vQfajPTAapd6+jIvFA=
bidbarrel-2.12.js
zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/ads/ 		348 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/ads/bidbarrel-2.12.js
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
83cbc7b54092b1bc2080b2ef7a7096e2c125a21a8b58895fa2cccd7e0a03d89d
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69212
status
200
vary
Accept-Encoding
content-length
111609
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:47:38 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d4ba-56e18"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 May 2020 19:02:43 GMT
charlie-osborne.jpg
zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/charlie-osborne.jpg
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
x-content-type-options
nosniff
age
620082
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
930
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"1cc3633c579a90cfdd895e64021e2163"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
zoom-or-teams-virtual-parliament-puts-re-5e9ec0c31c719e452658e7c4-1-apr-23-2020-9-11-12-poster.jpg
zdnet4.cbsistatic.com/hub/i/r/2020/04/23/d6392b6c-6dcd-46c1-8a4a-fc78895e8c03/thumbnail/570x322/b0a20ae4ee48055d4935a8b124ca6988/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/r/2020/04/23/d6392b6c-6dcd-46c1-8a4a-fc78895e8c03/thumbnail/570x322/b0a20ae4ee48055d4935a8b124ca6988/zoom-or-teams-virtual-parliament-puts-re-5e9ec0c31c719e452658e7c4-1-apr-23-2020-9-11-12-poster.jpg
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
142802f684dd3b6d16a2de880165028598598c2438c0d5238032456f3f728556
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121701
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
37416
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"3a0c652a9bb4387df21060f16048ce11"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
advertisement.js
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/ 		53 B
195 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/advertisement.js
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335399
status
200
vary
Accept-Encoding
content-length
71
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:47:38 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"5ea1d4ba-35"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 May 2020 17:06:16 GMT
screenshot-2020-04-26-at-14-38-36.png
zdnet4.cbsistatic.com/hub/i/2020/04/26/8f73d153-dbef-4251-a335-f53b4afc4ee8/ 		195 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/2020/04/26/8f73d153-dbef-4251-a335-f53b4afc4ee8/screenshot-2020-04-26-at-14-38-36.png
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
f51847fa7ee7ca77bfddece1bf796d701feb167b1d401eb4cfc35731f218071c
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
194958
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"dccb818e143d857e8d17fc9ba3ab280b"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
require-2.1.2.js
zdnet2.cbsistatic.com/fly/js/libs/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97279
status
200
vary
Accept-Encoding
content-length
6288
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-3f88"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 May 2020 11:14:55 GMT
YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
c.go-mpulse.net/boomerang/ Frame 1D34 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:15 GMT
Content-Encoding
br
Last-Modified
Wed, 11 Mar 2020 17:14:33 GMT
Server
Akamai Resource Optimizer
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, s-maxage=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51580
truncated
/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		917 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
mag-white01.png
zdnet4.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/core/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/core/mag-white01.png
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zdnet4.cbsistatic.com/fly/2060-fly/css/core/main-6d8381d422-rev.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13258
status
200
vary
Accept-Encoding
content-length
936
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:10:37 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea8011d-4f1"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 May 2020 10:35:16 GMT
ring-animated.svg
zdnet3.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/video/ 		704 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/video/ring-animated.svg
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-09a50ea065-rev.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13257
status
200
vary
Accept-Encoding
content-length
364
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:10:37 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"5ea8011d-2c0"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 10:35:16 GMT
Semibold.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://zdnet4.cbsistatic.com/fly/2060-fly/css/core/main-6d8381d422-rev.css
Origin
https://www.zdnet.com

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
x-content-type-options
nosniff
age
5271377
status
200
vary
Accept-Encoding
content-length
20344
x-xss-protection
1; mode=block
last-modified
Thu, 27 Feb 2020 13:35:38 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"5e57c5aa-4f78"
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Feb 2021 13:59:59 GMT
Regular.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://zdnet4.cbsistatic.com/fly/2060-fly/css/core/main-6d8381d422-rev.css
Origin
https://www.zdnet.com

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
x-content-type-options
nosniff
age
5271377
status
200
vary
Accept-Encoding
content-length
20256
x-xss-protection
1; mode=block
last-modified
Thu, 27 Feb 2020 13:35:38 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"5e57c5aa-4f20"
strict-transport-security
max-age=31536000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Feb 2021 13:59:59 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
charlie-osborne.jpg
zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/ 		930 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/charlie-osborne.jpg
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
x-content-type-options
nosniff
age
620082
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
930
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"1cc3633c579a90cfdd895e64021e2163"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
logo.png
zdnet4.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/core/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/fly/1588068637-asset/bundles/zdnetcss/images/core/logo.png
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zdnet4.cbsistatic.com/fly/2060-fly/css/core/main-6d8381d422-rev.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13260
status
200
vary
Accept-Encoding
content-length
4128
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:10:37 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea8011d-1009"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 May 2020 10:35:16 GMT
client-info
at.cbsi.com/lib/api/ 		99 B
339 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.cbsi.com/lib/api/client-info
Requested by
Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/ads/bidbarrel-2.12.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
25332bd52a16b6053fcee418b1eacc1240ef37b4b94412457fb4b7f19190fea3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:17 GMT
via
1.1 varnish
x-cache
HIT
status
200
content-length
99
x-served-by
cache-ams21073-AMS
server
Varnish
x-timer
S1588083378.795705,VS0,VE0
strict-transport-security
max-age=300
access-control-allow-methods
OPTIONS, POST, GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
retry-after
0
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/ads/bidbarrel-2.12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
d549c4084d312d53cb0eb372bfc5b02b793973c0726a61a9415fd7e5c0c030da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"499 / 989 of 1000 / last-modified: 1588026265"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14516
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:16 GMT
bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B5A) /
Resource Hash
3e197065a7140de42dd208e9d62e19a1dffb7849965296e2c57fa2d12fa692ae

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:17 GMT
content-encoding
gzip
content-md5
lt3wTQAVMGYQppuN62v4Ow==
age
4406
x-cache
HIT
status
200
content-length
1109
x-ms-lease-status
unlocked
last-modified
Fri, 17 Apr 2020 14:56:29 GMT
server
ECAcc (ama/8B5A)
etag
0x8D7E2DF82CCB9CF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aa9c935f-401e-0096-655d-1dbad2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:17 GMT
main.default.js
zdnet3.cbsistatic.com/fly/2060-fly/js/ 		223 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
38b105aaaea628c1b123cc6c484b947929d2465ad1b01ac0c9342ba21f6d5336
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13260
status
200
vary
Accept-Encoding
content-length
74660
x-xss-protection
1; mode=block
last-modified
Tue, 28 Apr 2020 10:13:37 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea801d1-37b22"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 May 2020 10:35:16 GMT
config.json
c.go-mpulse.net/api/ Frame 1D34 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5293611&v=1.632.0&if=&sl=0&si=eqjk1zbkorh-q9i4z4&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
3b1fc99009fb66968e4aeef296d850ffebe8644ec24f5ad3cacbb78c9fb5139d

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
821
urs.js
urs.zdnet.com/sdk/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urs.zdnet.com/sdk/urs.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.213.242 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
242.213.102.34.bc.googleusercontent.com
Software
/
Resource Hash
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:18 GMT
via
1.1 google
last-modified
Mon, 13 Apr 2020 17:57:02 GMT
etag
"5e94a7ee-c803"
content-type
application/javascript
status
200
accept-ranges
bytes
alt-svc
clear
content-length
51203
moatheader.js
z.moatads.com/cbsprebidheader506831276743/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by
Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/ads/bidbarrel-2.12.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3e739d0fcd6811c6f2c97393b66431eda17c61ebbdd01b88344e90a7a7a90c0b

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:17:53 GMT
server
AmazonS3
x-amz-request-id
93C07487D3965A69
etag
"6d1c9d5f2e90a2e13a74e809a3b63438"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3331
accept-ranges
bytes
content-length
72041
x-amz-id-2
6yRJLuuw62Zrtt6rKsiN9MmkEpsx9hfeEtK3yTVeDPAbpTLOee1S7FrXakj/3lYS0q5z5RxEwP4=
integrator.js
adservice.google.be/adsid/ 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.zdnet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020042302.js
securepubads.g.doubleclick.net/gpt/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Apr 2020 17:07:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
87243
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:17 GMT
mpulse-1.0.2.js
zdnet1.cbsistatic.com/fly/js/libs/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335407
status
200
vary
Accept-Encoding
content-length
13447
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-f278"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 May 2020 17:06:10 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		161 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b9b9c50fd14ec46d7bafe5857e5aeeb945e25a79f678f31f02d2c2761e5971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58b16678ad09dfc3-FRA
cf-request-id
0262be5f670000dfc34631d200000001
config.json
c.go-mpulse.net/api/v2/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1588083378079&s=e94a31688954afdfac8dc05868c4b0e349e24b42809f50e2d4bf627e6e9a544f
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6b1177d31c8c52d3a67f9eaa334aaeb9bb545fe838b4cfe3af41902ae4f6b727

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
846
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/5.15.0/ 		304 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/5.15.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B50) /
Resource Hash
0143251fc6233ab3db13575f4e5208ca169f7fc18ac72d5a6f62901d94aa6f22

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
content-md5
cyq3+Z4DcEJk/dYwcUu3dw==
age
12761
x-cache
HIT
status
200
content-length
68064
x-ms-lease-status
unlocked
last-modified
Fri, 24 Apr 2020 16:08:31 GMT
server
ECAcc (ama/8B50)
etag
0x8D7E869BC001F7E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f484c36e-b01e-0066-1549-1d6abc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:18 GMT
en.json
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/ 		99 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE7) /
Resource Hash
7444a4f95aa54b94261f01f7bc26d3fcd45f723643698a54412fc8dea4267179

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
content-md5
JkkEaTxAkJvZn6QW+OIVuA==
age
4027
x-cache
HIT
status
200
content-length
17844
x-ms-lease-status
unlocked
last-modified
Fri, 17 Apr 2020 14:56:34 GMT
server
ECAcc (ama/8AE7)
etag
0x8D7E2DF85B23C5B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bfa0eca9-a01e-0050-465e-1dc7ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:18 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/5.15.0/assets/ 		17 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/5.15.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC7) /
Resource Hash
e60d72219eb682a93fea26976d93acbe542afdd65065fd1e05c393d8dd996a30

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
content-md5
02SC5G8dyC7Cq0+bUBFRrg==
age
3834
x-cache
HIT
status
200
content-length
3207
x-ms-lease-status
unlocked
last-modified
Fri, 24 Apr 2020 16:08:28 GMT
server
ECAcc (ama/8AC7)
etag
0x8D7E869B9CFE141
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f4ab8eaf-b01e-0066-105e-1d6abc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:18 GMT
otPcPanel.json
cdn.cookielaw.org/scripttemplates/5.15.0/assets/ 		93 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/5.15.0/assets/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B31) /
Resource Hash
6c9ba076312d706e7a2c79aa15b2c7a50610191232a333f5504e8d8eded22ed7

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Apr 2020 14:16:18 GMT
content-encoding
gzip
content-md5
jf3I2mH9mRIjc2onQNBADA==
age
11771
x-cache
HIT
status
200
content-length
18788
x-ms-lease-status
unlocked
last-modified
Fri, 24 Apr 2020 16:08:28 GMT
server
ECAcc (ama/8B31)
etag
0x8D7E869BA314CDE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
759a468a-a01e-0176-064c-1d1a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 28 Apr 2020 18:16:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		152 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1370617840948837&correlator=2493906582622291&output=ldjh&impl=fifs&adsid=NT&eid=21064369%2C21065929&vrg=2020042302&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200428&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%7C7x7%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C300x250%2C728x90%7C970x250%7C970x66&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=test%3Dshare_bar%257C3%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cmicrosoft%26mfr%3Dmicrosoft%252Ccyberark%26tag%3Dmicrosoft%252Ccyber-security%252Ctarget%26pid%3Dmicrosoft-teams%252Cskype%252Cmicrosoft-sharepoint%252Cwindows-10%252Cmicrosoft-windows-10%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Duk%26subses%3D4%26session%3Dc%26pv%3D1%26vguid%3D843688c6-7bdd-434a-b2b6-07986a50fe2e&cookie_enabled=1&bc=31&abxe=1&lmt=1588083378&dt=1588083378613&dlt=1588083375667&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C-20%2C1043%2C1043%2C1008%2C1043%2C429&adys=0%2C285%2C405%2C2424%2C1623%2C3306%2C4842&adks=1512325694%2C3581870410%2C1925781520%2C3289239044%2C3970605601%2C3509234736%2C519614694&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&dssz=29&icsg=134260736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x5301%7C1585x90%7C370x250%7C370x250%7C370x771%7C370x250%7C1210x90&msz=1585x5%7C1585x90%7C370x250%7C370x250%7C370x771%7C370x250%7C1210x90&ga_vid=2073015055.1588083379&ga_sid=1588083379&ga_hid=1422169481&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
d30e3d54cc600603a8082cc015057bc68ef07a99879988234c9a8c57f5e397e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24706
x-xss-protection
0
google-lineitem-id
4745699004,4745696286,4745571990,4745571990,4825966980,-1,4745696286
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138245072116,138239338542,138248164873,138239450932,138247024569,-1,138239338269
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zdnet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
/
685d5b19.akstat.io/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://685d5b19.akstat.io/?h.pg=article&h.ab=share_bar_a_3&when=1588083378097&cdim.Site_View=desktop&t_other=custom0%7C2971&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c5d4938313416b6552eaeb0c0405233d16f05ad3&h.t=1588083378214&http.initiator=api&rt.start=api&rt.si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&rt.ss=1588083381691&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:19 GMT
/
685d5b19.akstat.io/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://685d5b19.akstat.io/?h.pg=article&h.ab=share_bar_a_3&when=1588083378097&cdim.Site_View=desktop&t_other=custom1%7C3036&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c5d4938313416b6552eaeb0c0405233d16f05ad3&h.t=1588083378214&http.initiator=api&rt.start=api&rt.si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&rt.ss=1588083381691&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:19 GMT
/
685d5b19.akstat.io/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://685d5b19.akstat.io/?h.pg=article&h.ab=share_bar_a_3&when=1588083378098&cdim.Site_View=desktop&t_other=custom4%7C1211&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c5d4938313416b6552eaeb0c0405233d16f05ad3&h.t=1588083378214&http.initiator=api&rt.start=api&rt.si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&rt.ss=1588083381691&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:19 GMT
/
685d5b19.akstat.io/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://685d5b19.akstat.io/?h.pg=article&h.ab=share_bar_a_3&when=1588083378497&cdim.Site_View=desktop&t_other=custom5%7C4031&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c5d4938313416b6552eaeb0c0405233d16f05ad3&h.t=1588083378214&http.initiator=api&rt.start=api&rt.si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&rt.ss=1588083381691&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:19 GMT
/
685d5b19.akstat.io/ 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://685d5b19.akstat.io/?h.pg=article&h.ab=share_bar_a_3&when=1588083378946&cdim.Site_View=desktop&t_other=custom3%7C4480&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c5d4938313416b6552eaeb0c0405233d16f05ad3&h.t=1588083378214&http.initiator=api&rt.start=api&rt.si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&rt.ss=1588083381691&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1
Requested by
Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:19 GMT
yi.js
mb.moatads.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&confidence=2&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_58825200
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.59.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-59-66.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
7527b7f450a686266ec3c5fa39047f6b45769ae8224b9609556302dd8d44e908

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
server
TornadoServer/4.5.3
etag
"0e0dc09b80ef3fc5ced2ee074917799eeedfee75"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
2188
n.js
geo.moatads.com/ 		114 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&confidence=2&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1588083379386&de=367274862731&rx=362775047630&m=0&ar=6ba875f-clean&iw=2ec19fd&q=1&cb=0&cu=1588083379386&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&id=1&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1743%3A1743%3A0%3A1966&fs=178191&na=1010855091&cs=0&callback=MoatDataJsonpRequest_58825200
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.85.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-85-82.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
7fb9d14d93ae5698aa9b8b33ac27bf1fc8fb7e78f151935b5eeb89612cd8bfb6

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
server
TornadoServer/4.5.3
etag
"a9c1d88a6e1a61611d9095e956a12c244700d9f5"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
114
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&t=1588083379386&de=592632448363&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=6ba875f-clean&iw=2ec19fd&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug&ac=1&bq=11&f=0&na=1816080799&cs=0
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 14:16:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Apr 2020 14:16:19 GMT
article-bdfb9b9622-rev.js
zdnet4.cbsistatic.com/fly/js/pages/ 		147 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/fly/js/pages/article-bdfb9b9622-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
b37f511be983e8dbafb0a6ec4ba2710468eb35312e3b28c622e806ed88e1b196
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87044
status
200
vary
Accept-Encoding
content-length
41583
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-24c14"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 May 2020 14:05:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C26F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUG2QIrF6J13rUKL4rSi9ksk8E9Lu1-b-0wlc8CzkAAeceJwuX9TfInpmLhIAnCRiJ9EEEtyKwQoP50tatjMFEcYSVOuWPnQGtAy5by2RxSzCF7Ku9HhemACNj-laZYqH2qlfCJ8i9uB7t5C2w3B-bqsSTXEkf94HRxnMm61iQaOuYhxohYjlijbJGAxO201ArtGm_XA6SbK3xkWeOtLXja9B7EnDCe4LjjAKiU1TNNYokYtbwhm9ZOYNnOzg8sMzWYmwMajep&sai=AMfl-YT9tFR62IJWHc6D4Pn6T-ZzrNqyu8gBIb_ZGaFzYIxynyo0DYIk47SZLkq-AIi32ofMnQpIvSkXh5duAUg_ItAMTpmKI2s_BwlGfsil&sig=Cg0ArKJSzJWirQk0IbeCEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C26F 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame C26F 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28343
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 634E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3Q4yf7t2wIz9fBLP2sBFSCGT_9qO8OvQlZve1NHfd3rzlcAp3g_aI3F0VsI4UgtbFRMZwD8pWsn0iLXvTv2z1a2F1fUDWA1MIePOE-BLJvEw5zjwx3RSQzoih4F6VFcGKqX7VP7vcvSDV1oeIftBgov5rLwxO9LlHJp-mfTXNFIC1zchmhqXcpoIJXo_h7EFOb_GIo1N5fJE-1qswcxMHR_KCxa61oREWstqI3_vh6gyqdpeBWoSzSNtUgPhK1lE0fJdl5IXZ&sai=AMfl-YQmC3R9daafeglP6piCGu6-TcKQEekCeJDkK2qH-relS3gI49gsld1tNstqmufZ-ekFPJE73lUf8L3BRRsgxK6KuZq1Thhk_97OxxzH&sig=Cg0ArKJSzBJnyC25wusGEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 634E 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 634E 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
view
securepubads.g.doubleclick.net/pcs/ Frame B583 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMrQas66Dt-78tFhrXQeIeBFooD0NQOaQN3kUrwI7VXwCACTuLSj2JEoIaO9jFPgxzDAHd2x_LKnDhRDDVW99BTzfcWH-d4OF1KEmJup7PvwhTKGtCKbnrS8UkLSs8GsNextXxbOCMpj6-GUybHO3ruMxRvkOqIuwvrTteVgVjU1GtrBEN0ZdZ1gMYVlvI--tTa3WQcCiXExsmdyhfGtNTVN1aHKAXAriL8147pTCBQ2sJbS-P9zpn2Z5irWawieo9Fdi_t-E4&sai=AMfl-YRmND7BjHbqLdtysm-zzyCKqHBE98zCcEUzvPUVwoYpOZMP68hMduRVLSQ4du-u34z_9Juq8YHO7u6ljIMKK6GG1jVq7NfMrDJNb7TU&sig=Cg0ArKJSzIg7-TrV7ZoSEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B583 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame B583 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
view
securepubads.g.doubleclick.net/pcs/ Frame D92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy04T_UUygNqzAoyIGBUrf8-FIB-Hm6YxnUwFs9CqV9-To1u-ritQZgjuCZsvBgNVCWSDW6Vrw8dPns_J0IkTb32fkWVrMW9p6-B0u0egwwu0gf_PQzkbr41GGSS1F4xPLoyJtv50btY2l2AMkLOmGWmIOGi6sbVIOYO7Uib3GkzjoXOX4DI7bHiCkufOU7q5KIym9AftzyAwVPL1yGLim7BzsMUaX4dQwmP46zs3saRAMHvv7Dnd-zrr53g-rn0epDw8LNfPv&sai=AMfl-YSLBnrdV34ImIp6z792zZAvJiaNQfDjuaAeKPVF7vnvNg3G1GX88QPDx-NjFN8IP0Ul3R_bTbkePG2UzztFqJkOuCV7VyecZz9yJnPz&sig=Cg0ArKJSzO8mVGuysWF3EAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D92B 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame D92B 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
view
securepubads.g.doubleclick.net/pcs/ Frame 453A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurZpLWWAU6WIr15VxFntEQbmO--70ONf7-MV5ZfBYQXeG26elUmJobedm1ohn2A4Edkyp739dZ9ICmgLegIkgPcYeCWidITsv2jbcCOss3DHDuBDpZ7uqouwJuM9o9vdkat92T8d_8F1t-YSwfkdFvtpc5nQbG68ofsVLdHcu3QRvF0w7qWFCa8ON2PznXjBPToo_UWZ2jIgGSizsqYdMsX1FsxmZmevjW63R4D4u6mgAZAkmNJlR_RBWSn8c7jIJ3QZZZTnjL&sai=AMfl-YRRozxxWBlBM5iWT5I8bB3Ikbkp1gVuu_xEMiWSkgqZjghO5NHJ6c8ed6DFR3ASzMNvQHg-IsRGU1KZ7hUfRXMWISM68PSKNkFnZzjC&sig=Cg0ArKJSzCHarGYIw74jEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
adKit.min.js
rev.cbsi.com/common/js/ Frame 453A 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rev.cbsi.com/common/js/adKit.min.js?198819011
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.2.219.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-219-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 18:29:20 GMT
Server
Apache
ETag
"e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2149
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 453A 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 453A 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame 74D9 		200 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.zdnet.com/
Origin
https://www.zdnet.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5333
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 12:47:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 12:47:27 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame 74D9 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
920
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 14:01:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 14:01:00 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 74D9 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
106837
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5717
x-xss-protection
0
server
sffe
date
Mon, 27 Apr 2020 08:35:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"955d460ecdaddff4"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Apr 2021 08:35:43 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 74D9 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
927
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28417
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 14:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40aee2f6297ccc56"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 14:00:53 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 74D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21008
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1416
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 08:26:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7405f8d8da732be7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 08:26:12 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 74D9 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21010
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14864
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 08:26:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"37d2c34b66959890"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 08:26:10 GMT
css
fonts.googleapis.com/ Frame 74D9 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Apr 2020 14:16:20 GMT
server
ESF
date
Tue, 28 Apr 2020 14:16:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Apr 2020 14:16:20 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/6382499659298934064/ Frame 74D9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6382499659298934064/2076313506083323656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9e639cdf31f14d62c1339c6a495811264fbbede9bddd3228ab8c7927bcddc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 13:07:51 GMT
x-content-type-options
nosniff
age
2077709
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21492
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 00:12:37 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 13:07:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16591803916509506488/ Frame 74D9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16591803916509506488/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d653cd969067d9b378a11dff27607249108c844f7ae32930f00ea05a13270c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 13:55:23 GMT
x-content-type-options
nosniff
age
2506857
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
6889
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 00:12:05 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Mar 2021 13:55:23 GMT
truncated
/ Frame 74D9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d07d89c78cc9ca10fe0d658aca7fa2328dd936ff1b7f89d9e5bd5c5ca3a9d8fb

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 74D9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac3a6bcb13bffe2ae82a836011c0a5fdc83b70154ec7a7e86af94948f5131bbd

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012003262059300/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
916
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7162
x-xss-protection
0
server
sffe
date
Tue, 28 Apr 2020 14:01:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"124c7b7cd5d53550"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 14:01:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E5F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur94zOqibzsyaSO7b_-Wv1PL8ZFfEYsjsH31rZ3g1ob5E7Jm7zHj79rpxE80p_IBE74rlJvKecu8dnhchSMXzuyW1gDByIJcLJUj7STzRduZ3CcUIrRiwg2xN_EPNkNCwUfTImcDTnZ-IszZzJhYt8v36U0pEExvmYYsZN3_MMF8ULk7ezMhlObCOacyWzux-lF1j6q2tcdITVbv9rqQw5EmTLvLEl24XvL6LJHpOjA6wy0caKDK6T-8eRwaU2VL20rDTPvJRP&sai=AMfl-YTGsmvQ2clsxhdFYbZ92CBOOm9sKeMCbKjxYZpT20xiuxNClNeYB1Uu3NmYGVYSonnkL010KSTL6BHCkNp-KHhPqz2n6ksmNe4SK5Z5&sig=Cg0ArKJSzJ6hKhi_xPjaEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E5F8 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:20 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame E5F8 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:20 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56257
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74D9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Apr 2020 23:33:53 GMT
x-content-type-options
nosniff
server
cafe
age
52948
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Apr 2020 23:33:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74D9 		295 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Apr 2020 21:53:20 GMT
x-content-type-options
nosniff
server
cafe
age
58981
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Apr 2020 21:53:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 74D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqvAMsjqoXtaLPJPg7gPc74v4A4L9nIRZvfuCyqAKwI23ARABIMyRriJguei-gNQBoAHgwY3XA8gBCakCTMIypMG_pT7gAgCoAwHIAwqqBLMCT9DaxGTVNwgzSXYgWejhUTWwXrpbmFETv_7VUi07GEklJic6joQBZlTdBBY-dZgBNGibqJIEFzjJOUfSMyrMzKSVmW56ctPd6cJkO_msLA07yrQ129jEv8nYQEQnUIGeG8ZfLOzMAsFFbRNfdpVYG2ktDwLHUOq3bYcKR-cSq2cz7x52CqaShQ9WfBzgIeOh-ynOIk4hLC-9NsK24grTzHivkjAvwmqp3d_pfWVzX6xlKtNC4D8k_macpZOe8dP5Zg3f6QfeaQ_hkhhsetTBdp3TKbiUzQ4F1L6ap0fyz5yIgDDrB6-JPgXDPI9wnCrNA9kBMvGmz4PkpVtBmfJvM8-qrkJC2J-eEf39_zO5Di64qxiyNek2rr2Ar3HIexwh5AkmhC2aV7J4FZelhcL55clJvcAEl-_X17UC4AQBkgUECAQYAZIFBAgFGASgBi6AB4i-8iioB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQmKcJ0ggJCIDhgHAQARgdgAoDyAsB2BMK&sigh=7oe_2WOUw2w&template_id=484&tpd=AGWhJmtVgIsaGUsI1yzHkjHAsaff-xLe7bbxpGaFIu9U3ATJVw
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1588083379386&de=961150341498&rx=362775047630&m=0&ar=6ba875f-clean&iw=2ec19fd&q=2&cb=0&cu=1588083379386&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&id=1&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1743%3A1743%3A0%3A1966&fs=178191&na=1783996683&cs=0
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 14:16:21 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Apr 2020 14:16:21 GMT
fixate-4dbd107504-rev.js
zdnet4.cbsistatic.com/fly/js/components/ 		1 KB
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet4.cbsistatic.com/fly/js/components/fixate-4dbd107504-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
91aa8c4c803bc26369b16ca534ba750c333c6dff082a52eda71b85e36eb1bf98
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414971
status
200
vary
Accept-Encoding
content-length
482
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-579"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 18:59:48 GMT
scrolling-mpu-95acc37faa-rev.js
zdnet3.cbsistatic.com/fly/js/components/ 		954 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet3.cbsistatic.com/fly/js/components/scrolling-mpu-95acc37faa-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
a4dcc566cee67b95f42d788b07c9ea8abc59eaa1b4953aa9b1aa6a7506a4c139
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414948
status
200
vary
Accept-Encoding
content-length
490
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"5ea1d5c9-3ba"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 19:00:22 GMT
CBSI-PLAYER.js
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 		1 MB
281 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
content-encoding
gzip
age
1843088
x-cache
HIT, HIT
status
200
content-length
286838
x-amz-id-2
WsZMn1b4DWlY+9ifr3pbbXeD+ey1HoTP0Gb1ZwEp4aFa9pwUhy9bTx9y0SvJM0DhUMGJCX3Bl18=
x-served-by
cache-dca17775-DCA, cache-fra19165-FRA
last-modified
Fri, 01 Feb 2019 18:20:56 GMT
server
AmazonS3
x-timer
S1588083382.579330,VS0,VE2
etag
"eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary
Accept-Encoding
x-amz-request-id
9D1B37F42EBF691F
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 1
n.js
geo.moatads.com/ 		112 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&confidence=2&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBSDFPCW2&hp=1&wf=1&vb=7&cm=20&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588083381710&de=553319582590&m=0&ar=6ba875f-clean&iw=b4c0ffe&q=5&cb=0&ym=0&cu=1588083381710&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138245072116&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=843688c6-7bdd-434a-b2b6-07986a50fe2e&zMoatSN=c&zMoatCURL=zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1743%3A1743%3A0%3A1966&iq=na&tt=na&tu=&tp=&fs=178191&na=855702471&cs=0&callback=DOMlessLLDcallback_98766314
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.85.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-85-82.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
8d3dda42e071f8d25d6c35cadbdeecd5d3fa99a1bbdb58783df1c2215ad4ad54

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
server
TornadoServer/4.5.3
etag
"a14b294cb3a6a9753da1ce91ea7726cacb63b55c"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
112
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 74D9 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://www.zdnet.com

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1173247
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 74D9 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://www.zdnet.com

Response headers

date
Mon, 13 Apr 2020 13:00:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1300575
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11180
x-xss-protection
0
expires
Tue, 13 Apr 2021 13:00:06 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 453A 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?198819011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca7a257ee588da1ee9515bc728c67830e1d664bca2a3bf22786b96dbe520ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"499 / 182 of 1000 / last-modified: 1588026265"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14515
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:21 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74D9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Apr 2020 23:33:53 GMT
x-content-type-options
nosniff
server
cafe
age
52949
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Apr 2020 23:33:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74D9 		295 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Apr 2020 21:53:20 GMT
x-content-type-options
nosniff
server
cafe
age
58982
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Apr 2020 21:53:20 GMT
integrator.js
adservice.google.de/adsid/ Frame 453A 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 453A 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020042302.js
securepubads.g.doubleclick.net/gpt/ Frame 453A 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Apr 2020 17:07:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
87243
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 453A 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=328485721941848&correlator=1691711519747455&output=ldjh&impl=fifs&adsid=NT&vrg=2020042302&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200428&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dc%26subses%3D4%26ptype%3Darticle%26vguid%3D843688c6-7bdd-434a-b2b6-07986a50fe2e%7Cenv%3Dprod%26session%3Dc%26subses%3D4%26ptype%3Darticle%26vguid%3D843688c6-7bdd-434a-b2b6-07986a50fe2e&cookie_enabled=1&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1588083383&dt=1588083383181&dlt=1588083380623&idt=2532&frm=23&biw=1585&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=lyj4nm9feqp%7C5xf3ygnufeuq&ifi=1&ifk=2969735566&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&dssz=15&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1589708828.1588083383&ga_sid=1588083383&ga_hid=421377918&fws=256%2C256&ohw=0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
100a52d61c50f58a52c69c029c21bad78ffe50810560bf5d769aae00d8dfe244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7892
x-xss-protection
0
google-lineitem-id
4746066197,4746066197
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138239479696,138239375540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zdnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 453A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8d35b51c33f1e44c5b2a93b9f184e2b8254e3ba31c279158c3e664c7d20d0b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5486
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 51ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnLtTA3CdWssqXIxp0o2zttPhCB-Ez-aniEnloTFxHkZDOHym7IJHAMocoX5ToxvQ7WytAsFhDONDBwm8uBiakyvraSrPSy3Om63KbYcmj7DdQkb1B0ZUD3_sATNogLBBLzEWKbsErD_rLs1r9oc2m1b0rnL4a-Wsl9SrA8Royy2nEruvY-H-Ak1moIWCfki07JAb_WsZDR4BkIH9kW-v4aKj85aJXkU6RISUDKu0MDJ3aZ2k1c299YSkK8CPx30HhsMGQnnmp&sai=AMfl-YSGpfsrKq4iRIH1QS_g8ECPLRBFZro5FXytLfY5mTaJlJPQ-dGaep_azV2qYxGX7LfK9Bt_tYlWeM0RBPzpQE-dofuJ0CwqowGnwNRa&sig=Cg0ArKJSzKSvpv2vp4hWEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 51ED 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 51ED 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56254
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
osd.js
www.googletagservices.com/activeview/js/current/ Frame 453A 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28343
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8D27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlyTNG75fI3t_zT9pxOrQaCeBANITF-WAX3B0LxDx3OwSnb7Wu0j7qnvRifTfIl5m2QVAOltQ4lqn_X0LDsqaGGHpOh0tJ4Ba6mFNCPlUaSA_iJphLilNOn0R1piuSWTXLCHogQj4p5hNP-G4SXhKnsoprxN2MyX5s76Y1wzMfUSofqr5O-XbQIQ5uy8MBPeeZMP8DiSVNFAU-yWzBireyIeO_FRzLK_6PDvVzTTgoY3ce99lwF99nxHkEY5-psXyKJQKnHHIS&sai=AMfl-YRG7Bl_TOXusFS_K9nRdSVZW5GApD0302TXOKuAS8c-PwbmpniwzhkMamOErm_BK87IfgPC6aW8ZTGko4-QSf79NOltDCsG4UFgD-9U&sig=Cg0ArKJSzJUmewlR6aQHEAE&urlfix=1&adurl=
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8D27 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.zdnet.com
URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587986955147099"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28776
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 8D27 		314 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 16:53:28 GMT
server
AmazonS3
x-amz-request-id
AA8AA328A7209807
etag
"2615d14012bc2e6c09dcdff2dd6bcd8e"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=56254
accept-ranges
bytes
content-length
107119
x-amz-id-2
uUMye47Mq9Hw+oOhYH5qDYvySc2wNOx8wi41H3cHqg3VAGGq2jOFUyn1dwO4Qw3VCTWS/goPqF4=
sodar
pagead2.googlesyndication.com/getconfig/ Frame 453A 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccd2ec6a430ba09d1cb7bb66290d0edb5ee04ca6c99dad6149a94bf1c6114e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5484
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
/
www.zdnet.com/components/breaking-news/xhr/ 		1 KB
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2dc3b7f46c98580d65d4b7b99ce2ca9d1084a853b2d787836c343e9c12bc5650
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding
gzip
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
499
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Apr 2020 14:02:27 GMT
x-frame-options
SAMEORIGIN
date
Tue, 28 Apr 2020 14:16:23 GMT
expect-ct
max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary
Accept-Encoding, User-Agent
x-tx-id
5b8b3372-72fd-4f3a-8a66-5fb4c771e9c0
content-type
application/json
access-control-allow-origin
https://www.zdnet.com
cache-control
max-age=5400, private
accept-ranges
bytes
expires
Tue, 28 Apr 2020 15:32:27 GMT
screenshot-2020-04-26-at-14-39-06.png
zdnet3.cbsistatic.com/hub/i/2020/04/26/96b82079-3e46-42be-8a39-962c05fe2bd0/ 		183 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/2020/04/26/96b82079-3e46-42be-8a39-962c05fe2bd0/screenshot-2020-04-26-at-14-39-06.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
d44f047968ad7ddf63b8ced21ccadc5b55b8800c0984467e7c96b44367327050
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121215
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
183584
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"ce88c0dc73f8cf6cf70c942eecb8fecb"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
image-gallery-modal-426b98fe1d-rev.js
zdnet1.cbsistatic.com/fly/js/components/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-426b98fe1d-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415076
status
200
vary
Accept-Encoding
content-length
1866
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-1328"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 18:58:26 GMT
screen-shot-2017-05-07-at-16-51-12.jpg
zdnet3.cbsistatic.com/hub/i/r/2017/05/07/38a565e1-8306-4c99-afca-6932c127b0b2/thumbnail/170x128/3dcc2428b7e3274d2a6e7085f998f9ec/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/r/2017/05/07/38a565e1-8306-4c99-afca-6932c127b0b2/thumbnail/170x128/3dcc2428b7e3274d2a6e7085f998f9ec/screen-shot-2017-05-07-at-16-51-12.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
a72f1869aa4dc24fe8258bec325e640b13e3a350b090adc8488aa1329388bf2e
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1142431
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
6461
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"cd7c230fc5deb01ff5f7b1be1acef9cf"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screen-shot-2017-05-07-at-16-46-44.jpg
zdnet4.cbsistatic.com/hub/i/r/2017/05/07/e1895c49-8fa1-4de4-b29c-3b46e56940bd/thumbnail/170x128/f38cd5479c1f67b362540bb1aed8c262/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/r/2017/05/07/e1895c49-8fa1-4de4-b29c-3b46e56940bd/thumbnail/170x128/f38cd5479c1f67b362540bb1aed8c262/screen-shot-2017-05-07-at-16-46-44.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
b9ebb06a28308cb8705ad9dad0987135ad843bca01940e2df960190d24216f3b
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1847769
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
7406
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"f4beeba0dd6c190c6ac02f85e7b3691c"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screen-shot-2017-05-07-at-16-54-08.jpg
zdnet2.cbsistatic.com/hub/i/r/2017/05/07/6a705c06-e28b-4481-850e-1512c101ec9c/thumbnail/170x128/194fef315511b07288755097d810aa91/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet2.cbsistatic.com/hub/i/r/2017/05/07/6a705c06-e28b-4481-850e-1512c101ec9c/thumbnail/170x128/194fef315511b07288755097d810aa91/screen-shot-2017-05-07-at-16-54-08.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
f1dd157efcd5268ee43053eca75800f0a57b1ff3ddc87e84788bb4d47cd35346
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1849314
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
7798
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"aa495e18c7e3a21a4e48923b92048a61"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screen-shot-2017-05-07-at-16-58-32.jpg
zdnet3.cbsistatic.com/hub/i/r/2017/05/07/5917ccde-28dc-4d8f-9577-bee7dbf3386d/thumbnail/170x128/7755d21d9c277d6da4f11143099e5018/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/r/2017/05/07/5917ccde-28dc-4d8f-9577-bee7dbf3386d/thumbnail/170x128/7755d21d9c277d6da4f11143099e5018/screen-shot-2017-05-07-at-16-58-32.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
9a425d82767cc1b37e3121a91a99490205e108df00e2c5002c235b8a64397a88
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1844934
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
7335
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"77ae1a5da3b68dc65a9d1648242a29a7"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screen-shot-2017-05-07-at-16-59-23.jpg
zdnet4.cbsistatic.com/hub/i/r/2017/05/07/17ef8233-5c40-4ffd-ac94-0cd4e5d4b90e/thumbnail/170x128/46bd1bf60e023915b099950edb81132a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/r/2017/05/07/17ef8233-5c40-4ffd-ac94-0cd4e5d4b90e/thumbnail/170x128/46bd1bf60e023915b099950edb81132a/screen-shot-2017-05-07-at-16-59-23.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
a9c81c1a5654ce0d49a251da3cb0b70969419619b071f9c2ab004fa8f0cda57b
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
age
1499180
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
8341
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"e70981fd305170c41a5632b2a24bbcaa"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
disqus-loader-ba8cc73646-rev.js
zdnet3.cbsistatic.com/fly/js/components/ 		1 KB
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-ba8cc73646-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
824e2ec0553bc582c02673a30139ac8fe4a6485943d64d32dfb7ae5a83efbe92
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456246
status
200
vary
Accept-Encoding
content-length
640
x-xss-protection
1; mode=block
last-modified
Wed, 22 Apr 2020 15:29:26 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea062d6-57e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 07:32:18 GMT
vid.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/04/27/04455dd7-a726-40ba-aebd-42520527ea94/thumbnail/170x128/3e9d528be490452afc928e834e688459/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet1.cbsistatic.com/hub/i/r/2020/04/27/04455dd7-a726-40ba-aebd-42520527ea94/thumbnail/170x128/3e9d528be490452afc928e834e688459/vid.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
9dd31e7b5f0f1107d430181f88054da5b7df768909164bfea47e0f63b193b12c
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
age
36856
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
9217
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"f4db8537e9d75da46c4efc36a2d70956"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
amz.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/04/27/df8d9613-038d-4528-a66b-bae22fe98377/thumbnail/170x128/f11597019636fd56fd986e8a94730bde/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet1.cbsistatic.com/hub/i/r/2020/04/27/df8d9613-038d-4528-a66b-bae22fe98377/thumbnail/170x128/f11597019636fd56fd986e8a94730bde/amz.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
ce188c1f33a2dd2c686f5e844f8bb1a07f27bb4c5dc4c5e75195bf9c040f01e8
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96076
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
4036
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"597c7b407a02cc0a92167e7a371eca25"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
mt.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/04/27/8bff4ec2-8a6f-4d49-ba8e-7ff6e33dedc9/thumbnail/170x128/f13f79ebfdf395e162712f7fe49e16e2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet2.cbsistatic.com/hub/i/r/2020/04/27/8bff4ec2-8a6f-4d49-ba8e-7ff6e33dedc9/thumbnail/170x128/f13f79ebfdf395e162712f7fe49e16e2/mt.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
92e23c140b4a63cceb9dafd065f75246968ed7e7f9b37f16bed71401873af885
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
age
99326
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
7516
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"bb836c01cdc9120a9c984c525e4b1a4a"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screenshot-2020-04-24-at-06-33-40.png
zdnet4.cbsistatic.com/hub/i/r/2020/04/24/2a9feda9-f2d4-46ca-b659-b36696513d51/thumbnail/170x128/f7dfc96d1f1ce7d41dcfd264e7dc3d17/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/r/2020/04/24/2a9feda9-f2d4-46ca-b659-b36696513d51/thumbnail/170x128/f7dfc96d1f1ce7d41dcfd264e7dc3d17/screenshot-2020-04-24-at-06-33-40.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
c247193602e63cf6aa0236b1eb2346af9084d1983885f86810de2517c8aab037
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
age
366872
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
37889
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"98f242e5ddc10fd4d0eaf738ee59407a"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
/
www.zdnet.com/newsletter/xhr/widget-login/ 		2 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3234f5f9fa01e35fc27a6db352dfab9f49e1fad2a845ef5a1bf2ff313cdce1bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding
gzip
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
756
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
date
Tue, 28 Apr 2020 14:16:24 GMT
expect-ct
max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary
Accept-Encoding, User-Agent
x-tx-id
4c423913-117e-4bfb-b99b-8cfbdc89f4e7
content-type
application/json
access-control-allow-origin
https://www.zdnet.com
cache-control
no-cache
accept-ranges
bytes
front-door-carousel-d989216481-rev.js
zdnet1.cbsistatic.com/fly/js/components/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415078
status
200
vary
Accept-Encoding
content-length
1552
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-1251"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 18:58:24 GMT
istock-1162476125-2.jpg
zdnet3.cbsistatic.com/hub/i/r/2020/04/28/b8d7a5b1-ac51-4b74-b84b-5495603d7e4a/thumbnail/170x128/87414fc419d24ca8d1368e37716d2f61/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/r/2020/04/28/b8d7a5b1-ac51-4b74-b84b-5495603d7e4a/thumbnail/170x128/87414fc419d24ca8d1368e37716d2f61/istock-1162476125-2.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
d01dffb006385755156cc8ed8135e026b89472f0bc9249789944ae3b0991311a
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
x-content-type-options
nosniff
age
8397
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
8881
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"76bba5ee241042431796c97a92e64f5d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
results.txt
kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net/eum/ Frame 1D34
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pubyz2i33
  • https://kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.106.58 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-106-58.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:25 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
Apache
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Tue, 28 Apr 2020 14:16:23 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net/eum/ Frame 1D34
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pubyz2i33
  • https://fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net/eum/results.txt
8 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 14:16:24 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
Apache
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net/eum/results.txt
Date
Tue, 28 Apr 2020 14:16:23 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 453A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Tue, 28 Apr 2020 14:16:23 GMT
vid.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/04/27/04455dd7-a726-40ba-aebd-42520527ea94/thumbnail/170x128/3e9d528be490452afc928e834e688459/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet1.cbsistatic.com/hub/i/r/2020/04/27/04455dd7-a726-40ba-aebd-42520527ea94/thumbnail/170x128/3e9d528be490452afc928e834e688459/vid.jpg
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
9dd31e7b5f0f1107d430181f88054da5b7df768909164bfea47e0f63b193b12c
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
x-content-type-options
nosniff
age
36857
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
9217
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"f4db8537e9d75da46c4efc36a2d70956"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
amz.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/04/27/df8d9613-038d-4528-a66b-bae22fe98377/thumbnail/170x128/f11597019636fd56fd986e8a94730bde/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet1.cbsistatic.com/hub/i/r/2020/04/27/df8d9613-038d-4528-a66b-bae22fe98377/thumbnail/170x128/f11597019636fd56fd986e8a94730bde/amz.jpg
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
ce188c1f33a2dd2c686f5e844f8bb1a07f27bb4c5dc4c5e75195bf9c040f01e8
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96076
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
4036
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"597c7b407a02cc0a92167e7a371eca25"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
mt.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/04/27/8bff4ec2-8a6f-4d49-ba8e-7ff6e33dedc9/thumbnail/170x128/f13f79ebfdf395e162712f7fe49e16e2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet2.cbsistatic.com/hub/i/r/2020/04/27/8bff4ec2-8a6f-4d49-ba8e-7ff6e33dedc9/thumbnail/170x128/f13f79ebfdf395e162712f7fe49e16e2/mt.jpg
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
92e23c140b4a63cceb9dafd065f75246968ed7e7f9b37f16bed71401873af885
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
x-content-type-options
nosniff
age
99327
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
7516
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"bb836c01cdc9120a9c984c525e4b1a4a"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
screenshot-2020-04-24-at-06-33-40.png
zdnet4.cbsistatic.com/hub/i/r/2020/04/24/2a9feda9-f2d4-46ca-b659-b36696513d51/thumbnail/170x128/f7dfc96d1f1ce7d41dcfd264e7dc3d17/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet4.cbsistatic.com/hub/i/r/2020/04/24/2a9feda9-f2d4-46ca-b659-b36696513d51/thumbnail/170x128/f7dfc96d1f1ce7d41dcfd264e7dc3d17/screenshot-2020-04-24-at-06-33-40.png
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
c247193602e63cf6aa0236b1eb2346af9084d1983885f86810de2517c8aab037
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
x-content-type-options
nosniff
age
366872
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
37889
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"98f242e5ddc10fd4d0eaf738ee59407a"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
istock-1162476125-2.jpg
zdnet3.cbsistatic.com/hub/i/r/2020/04/28/b8d7a5b1-ac51-4b74-b84b-5495603d7e4a/thumbnail/170x128/87414fc419d24ca8d1368e37716d2f61/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/r/2020/04/28/b8d7a5b1-ac51-4b74-b84b-5495603d7e4a/thumbnail/170x128/87414fc419d24ca8d1368e37716d2f61/istock-1162476125-2.jpg
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
d01dffb006385755156cc8ed8135e026b89472f0bc9249789944ae3b0991311a
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
x-content-type-options
nosniff
age
8397
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
8881
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"76bba5ee241042431796c97a92e64f5d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 530B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Tue, 28 Apr 2020 14:09:04 GMT
expires
Wed, 28 Apr 2021 14:09:04 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
440
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
screenshot-2020-04-26-at-14-39-06.png
zdnet3.cbsistatic.com/hub/i/2020/04/26/96b82079-3e46-42be-8a39-962c05fe2bd0/ 		183 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdnet3.cbsistatic.com/hub/i/2020/04/26/96b82079-3e46-42be-8a39-962c05fe2bd0/screenshot-2020-04-26-at-14-39-06.png
Requested by
Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/2060-fly/js/main.default.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
d44f047968ad7ddf63b8ced21ccadc5b55b8800c0984467e7c96b44367327050
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121216
status
200
content-transfer-encoding
binary
x-image-exists
1
vary
Accept-Image-Webp,Accept-Image-Webv
content-length
183584
x-xss-protection
1; mode=block
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"ce88c0dc73f8cf6cf70c942eecb8fecb"
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
/
684dd30a.akstat.io/ 		0
354 B 		Other
General
Check archive.org
Download Go to
Full URL
https://684dd30a.akstat.io/
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 28 Apr 2020 14:16:25 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zdnet.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Tue, 28 Apr 2020 14:16:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A6A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Tue, 28 Apr 2020 14:09:04 GMT
expires
Wed, 28 Apr 2021 14:09:04 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
440
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
show-hide-1.0-7bf562809f-rev.js
zdnet3.cbsistatic.com/fly/js/components/ 		2 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js
Requested by
Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 14:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415080
status
200
vary
Accept-Encoding
content-length
673
x-xss-protection
1; mode=block
last-modified
Thu, 23 Apr 2020 17:52:09 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
W/"5ea1d5c9-71c"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
gcstest
false
content-security-policy
default-src https://*.zdnet.com:*
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Apr 2020 18:58:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=1370617840948837&bg=!s7ClsKhYcy0F3OynRGECAAAA4VIAAAAimQF1-oSTi4vBCscuw9-VpMzazcNEdQK-iq5cklmT_TZah6lpH44JyIruCC_uKyKcRyZxKvte7futuW-YPWEcRuXkYol3WWqaFsbBFNCAw5-vMJ1NGPDUXZRyd8K5mpB2sdUIB3HkxIbYFrOiq5YsMCdpCG_Bdt4kOQ1-ax3sf9MXwp_JVc__hGzrVe_oaqpM48vGylEZBBFL4skqP0WlNz0hwABwcmZg9DE6rXohv7kWYOKNbwn5nGQw6dc2iLIHV6ZeUmaBuF2YS3ZSTa_0sez-R8E729y0EkQWQPMapOGEIwCjKcyadBzy_sbF1f2g4J9Nr2zyqzd30SrKiCODs0-aPFlqWc3jdlRCy2XIis2CNU40x0CcoVPC3rXloBtlHlNNmsvcEaiu5rxgkKVbEYx_gTNcRjyC1lPE1yCSR9cVZ6BCuR_5r9FVgaWJ0eaTHbeQ0VJAACV8CHvwuAdtwP2vRCE2x8SgVdu0HPB7t8SKvWm0L3sHqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 14:16:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 453A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=328485721941848&bg=!YWKlYnpYsbIZYpVTwGQCAAAAvVIAAAA1mQF703gJrWeg03d_M3SUusXpyyP5WC9GsziD1wIIU8w5W5q6NTLER97D5j90msjn1Q5_bggJZFRGyLHAFcta6tT0KFrZhZCvAyjukaEJKE66Hog8ZPQIBebzVMqO0r_pP_PxcaeYgN36NoPIJgLNKebjMFKrY5UUewe9LtqTGvadcdQxLjC9-FVC06dmv0PT4G2mAkdY4HEEaTTK5tDET9sGmRFaZKfXkf_OtGLyVejhBzeyiYOvhW0aUIJhkll_eboXSXwljPOYBA9a02ZqO5G7iypNJYqluHh5zbANzb40dGUYuuNl1U4BYdQb5PZP94rCmL93WeQCbB-gbpc1_R5Mhms1Eso7rd3ogP8CxGAMYqNRnjLLtNJj7VdkOJd6FZKey4V7qMWYXk9-51W_ZSqASMH_n9VBy_B4OwleeKb_r__qm1f9yTSAdWqjnbte7-nD10k_FlWQ4DcjvT5V4zeARRuAZ4tLslz98jmBsEN_xr-qr9yedNmoHn0aaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 14:16:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=11&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=11&f=0&j=&t=1588083379386&de=961150341498&rx=362775047630&m=0&ar=6ba875f-clean&iw=2ec19fd&q=41&cb=0&cu=1588083379386&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug%2F&id=1&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1743%3A1743%3A0%3A1966&fs=178191&na=1268755946&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 14:16:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Apr 2020 14:16:32 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| cbsoptanon object| soastaTracking object| ZdnetPageVars object| ZdnetFunctions number| BOOMR_lstart object| _sf_async_config number| _sf_startpt object| _cbq object| knownServiceWorkers object| BidBarrel function| UUIDv4 string| __tealium_data_guid object| utag_data object| __core-js_shared__ function| setImmediate function| clearImmediate object| pbjs object| _pbjsGlobals object| adFlow object| googletag string| _cbsotstate object| BOOMR object| BOOMR_mq function| requirejs function| require function| define object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| $ function| jQuery object| Modernizr number| BOOMR_configt object| _bmrEvents number| _sf_endpt function| VideoStrategy object| _cbv_strategies function| blankAdCallback function| CbsMoatListener function| moatYieldReady function| setMoatPrebidData object| jQuery18309367633441140475 object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| jsonFeed number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| CryptoJS object| mPulseApp object| otStubData object| Optanon object| OneTrust object| adsbygoogle number| __google_ad_urls_id number| google_unique_id object| gaGlobal undefined| easyXDM object| AudEng object| URS undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_58825200 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_58825200 object| moatPrebidApi object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired undefined| ad function| Waypoint object| DOMlessLLDcallback_98766314 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| debug object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP undefined| _ function| Hls undefined| uuid function| addResizeListener function| removeResizeListener object| cvui object| uvpjs function| Class object| mpulseUserTiming number| BOOMR_onload string| adBlockCookieValue object| $tealium object| GoogleGcLKhOms boolean| searchOpen object| $lastFocusedInput string| pageType string| waypointContextKey object| google_image_requests

7 Cookies

Domain/Path Name / Value
.zdnet.com/ Name: fly_preferred_edition
Value: eu
.zdnet.com/ Name: fly_default_edition
Value: eu
.zdnet.com/ Name: __gads
Value: ID=237a4c0322d079fe:T=1588083383:S=ALNI_Mb09Q8fQlE_mdmeTGb4oq8mIJFMsw
.zdnet.com/ Name: fly_device
Value: desktop
.zdnet.com/ Name: fly_geo
Value: {"countryCode": "de"}
.zdnet.com/ Name: RT
Value: "z=1&dm=zdnet.com&si=9bc54829-d6a6-4c5c-9b04-95b5a736574f&ss=k9jzu64i&sl=1&tt=6rs&bcn=%2F%2F684dd30a.akstat.io%2F&ld=6s9"
www.zdnet.com/ Name: viewGuid
Value: 843688c6-7bdd-434a-b2b6-07986a50fe2e

24 Console Messages

Source Level URL
Text
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 298)
Message:
Found registered service worker: [object ServiceWorkerRegistration]
console-api info URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 283)
Message:
Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat_video performance
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 30)
Message:
Loading iframes
console-api log (Line 71)
Message:
blank creative loaded: 138245072116 (5 x 5, pos=nav, slot=nav-ad)
console-api log (Line 71)
Message:
blank creative loaded: 138239338542 (970 x 66, pos=top, slot=leader-plus-top)
console-api log (Line 71)
Message:
blank creative loaded: 138248164873 (300 x 250, pos=top, slot=mpu-plus-top)
console-api log (Line 71)
Message:
blank creative loaded: 138239450932 (300 x 250, pos=middle, slot=mpu-middle)
console-api log (Line 71)
Message:
blank creative loaded: 138239338269 (970 x 66, pos=bottom, slot=leader-plus-bottom)
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 164)
Message:
Dynamic Showcase Center container ::: creative id = 138247024569
console-api info URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003262059300 https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api log (Line 71)
Message:
blank creative loaded: 138239479696 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api log (Line 71)
Message:
blank creative loaded: 138239375540 (372 x 142, pos=, slot=dynamic_showcase__1)
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api log URL: https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/(Line 167)
Message:
%c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd30a.akstat.io
685d5b19.akstat.io
adservice.google.be
adservice.google.com
adservice.google.de
at.cbsi.com
c.go-mpulse.net
cdn.ampproject.org
cdn.cookielaw.org
fiaqj6absjkbikqce3ygyaaaabpkqovx-pubyz2-974849f39-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
kjtbhcaccbvduxvihk3q-pubyz2-34b0c58ef-clientnsv4-s.akamaihd.net
mb.moatads.com
pagead2.googlesyndication.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
rev.cbsi.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
vidtech.cbsinteractive.com
www.googletagservices.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
151.101.129.188
152.195.132.202
172.217.22.66
2.16.106.58
23.2.219.214
2606:4700:10::6814:b844
2a00:1450:4001:801::2003
2a00:1450:4001:809::2001
2a00:1450:4001:815::2002
2a00:1450:4001:815::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2001
2a02:26f0:6c00:181::11a6
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a04:4e42:1b::444
2a04:4e42:3::444
2a04:4e42:3::645
34.102.213.242
52.215.85.82
63.35.59.66
72.247.226.64
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
0143251fc6233ab3db13575f4e5208ca169f7fc18ac72d5a6f62901d94aa6f22
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
100a52d61c50f58a52c69c029c21bad78ffe50810560bf5d769aae00d8dfe244
142802f684dd3b6d16a2de880165028598598c2438c0d5238032456f3f728556
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
17c871d09578495e31181c653c0366c6de030519cf9668ab2937766784cf8db5
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1c14d3996c13263cfa324a4b2e97649877455eab114547ff5d8b168e10cb2c16
1d93d85e9887c861e43962220f8ae363c16197932c5ffa3620eb42bb3c216a99
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
25332bd52a16b6053fcee418b1eacc1240ef37b4b94412457fb4b7f19190fea3
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2dc3b7f46c98580d65d4b7b99ce2ca9d1084a853b2d787836c343e9c12bc5650
3234f5f9fa01e35fc27a6db352dfab9f49e1fad2a845ef5a1bf2ff313cdce1bb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38b105aaaea628c1b123cc6c484b947929d2465ad1b01ac0c9342ba21f6d5336
3b1fc99009fb66968e4aeef296d850ffebe8644ec24f5ad3cacbb78c9fb5139d
3e197065a7140de42dd208e9d62e19a1dffb7849965296e2c57fa2d12fa692ae
3e739d0fcd6811c6f2c97393b66431eda17c61ebbdd01b88344e90a7a7a90c0b
48b9b9c50fd14ec46d7bafe5857e5aeeb945e25a79f678f31f02d2c2761e5971
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6b1177d31c8c52d3a67f9eaa334aaeb9bb545fe838b4cfe3af41902ae4f6b727
6c9ba076312d706e7a2c79aa15b2c7a50610191232a333f5504e8d8eded22ed7
7444a4f95aa54b94261f01f7bc26d3fcd45f723643698a54412fc8dea4267179
744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803
7527b7f450a686266ec3c5fa39047f6b45769ae8224b9609556302dd8d44e908
757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e
7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fb9d14d93ae5698aa9b8b33ac27bf1fc8fb7e78f151935b5eeb89612cd8bfb6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
824e2ec0553bc582c02673a30139ac8fe4a6485943d64d32dfb7ae5a83efbe92
83cbc7b54092b1bc2080b2ef7a7096e2c125a21a8b58895fa2cccd7e0a03d89d
8d3dda42e071f8d25d6c35cadbdeecd5d3fa99a1bbdb58783df1c2215ad4ad54
8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0
91aa8c4c803bc26369b16ca534ba750c333c6dff082a52eda71b85e36eb1bf98
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92e23c140b4a63cceb9dafd065f75246968ed7e7f9b37f16bed71401873af885
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9a425d82767cc1b37e3121a91a99490205e108df00e2c5002c235b8a64397a88
9dd31e7b5f0f1107d430181f88054da5b7df768909164bfea47e0f63b193b12c
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4dcc566cee67b95f42d788b07c9ea8abc59eaa1b4953aa9b1aa6a7506a4c139
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a72f1869aa4dc24fe8258bec325e640b13e3a350b090adc8488aa1329388bf2e
a8d35b51c33f1e44c5b2a93b9f184e2b8254e3ba31c279158c3e664c7d20d0b6
a9c81c1a5654ce0d49a251da3cb0b70969419619b071f9c2ab004fa8f0cda57b
ac3a6bcb13bffe2ae82a836011c0a5fdc83b70154ec7a7e86af94948f5131bbd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37f511be983e8dbafb0a6ec4ba2710468eb35312e3b28c622e806ed88e1b196
b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6
b9ebb06a28308cb8705ad9dad0987135ad843bca01940e2df960190d24216f3b
c1fe1c7104ecaac33f1e63108206e68e57ebba36ddc1c7019409f0bd7dfeb249
c247193602e63cf6aa0236b1eb2346af9084d1983885f86810de2517c8aab037
ccd2ec6a430ba09d1cb7bb66290d0edb5ee04ca6c99dad6149a94bf1c6114e9d
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
ce188c1f33a2dd2c686f5e844f8bb1a07f27bb4c5dc4c5e75195bf9c040f01e8
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01dffb006385755156cc8ed8135e026b89472f0bc9249789944ae3b0991311a
d07d89c78cc9ca10fe0d658aca7fa2328dd936ff1b7f89d9e5bd5c5ca3a9d8fb
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d30e3d54cc600603a8082cc015057bc68ef07a99879988234c9a8c57f5e397e5
d44f047968ad7ddf63b8ced21ccadc5b55b8800c0984467e7c96b44367327050
d549c4084d312d53cb0eb372bfc5b02b793973c0726a61a9415fd7e5c0c030da
d653cd969067d9b378a11dff27607249108c844f7ae32930f00ea05a13270c50
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
de538a62257057626ff3689528e255f7a67482f33987fea0e0085da48281d016
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60d72219eb682a93fea26976d93acbe542afdd65065fd1e05c393d8dd996a30
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
f1dd157efcd5268ee43053eca75800f0a57b1ff3ddc87e84788bb4d47cd35346
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f51847fa7ee7ca77bfddece1bf796d701feb167b1d401eb4cfc35731f218071c
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fc9e639cdf31f14d62c1339c6a495811264fbbede9bddd3228ab8c7927bcddc8
fca7a257ee588da1ee9515bc728c67830e1d664bca2a3bf22786b96dbe520ac3
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097