urlscan.io logo urlscan.io
SecurityTrails logo

windowsreport.com Open in urlscan Pro
148.251.186.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Submission: On December 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 100 HTTP transactions. The main IP is 148.251.186.217, located in Germany and belongs to HETZNER-AS, DE. The main domain is windowsreport.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2018. Valid for: 3 months.
This is the only time windowsreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 148.251.186.217 24940 (HETZNER-AS)
7 2a00:1450:400... 15169 (GOOGLE)
7 2.18.232.15 16625 (AKAMAI-AS)
1 143.204.99.120 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 172.217.18.98 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
4 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 199.115.114.66 30633 (LEASEWEB-...)
2 52.94.232.33 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 151.101.192.84 54113 (FASTLY)
2 2620:109:c002... 14413 (LINKEDIN)
1 151.101.0.84 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.46.128.194 16509 (AMAZON-02)
1 52.94.233.131 16509 (AMAZON-02)
100 23
13    148.251.186.217 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: edge.presslabs.net
windowsreport.com
cdn.windowsreport.com
7    2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
7    2.18.232.15 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-15.deploy.static.akamaitechnologies.com
s7.addthis.com
m.addthisedge.com
api-public.addthis.com
1    143.204.99.120 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-99-120.fra50.r.cloudfront.net
z-na.amazon-adsystem.com
11    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
9    172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
4    2a00:1450:4001:806::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    199.115.114.66 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)
PTR: edge.presslabs.net
staging.windowsreport.com
cdn.staging.windowsreport.com
2    52.94.232.33 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax-us-east.amazon-adsystem.com
2    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
widgets.pinterest.com
2    2620:109:c002::6cae:a0a (United States)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
1    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
widgets.pinterest.com
13    2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
13    2a00:1450:4001:820::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
6    2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    2a00:1450:4001:81b::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
amp-error-reporting.appspot.com
1    52.46.128.194 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ir-na.amazon-adsystem.com
1    52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
fls-na.amazon-adsystem.com
Domain Requested by
13 cdn.ampproject.org securepubads.g.doubleclick.net
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
windowsreport.com
11 fonts.gstatic.com windowsreport.com
securepubads.g.doubleclick.net
cdn.ampproject.org
10 cdn.windowsreport.com windowsreport.com
cdn.windowsreport.com
9 securepubads.g.doubleclick.net cdn.windowsreport.com
securepubads.g.doubleclick.net
windowsreport.com
7 fonts.googleapis.com windowsreport.com
securepubads.g.doubleclick.net
4 www.google.com 4 redirects
4 www.google-analytics.com 1 redirects windowsreport.com
4 s7.addthis.com windowsreport.com
s7.addthis.com
3 amp-error-reporting.appspot.com cdn.ampproject.org
3 googleads.g.doubleclick.net windowsreport.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
windowsreport.com
3 windowsreport.com cdn.windowsreport.com
windowsreport.com
2 api-public.addthis.com s7.addthis.com
2 www.linkedin.com s7.addthis.com
2 widgets.pinterest.com s7.addthis.com
2 graph.facebook.com s7.addthis.com
2 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
windowsreport.com
1 fls-na.amazon-adsystem.com windowsreport.com
1 ir-na.amazon-adsystem.com windowsreport.com
1 m.addthisedge.com s7.addthis.com
1 cdn.staging.windowsreport.com windowsreport.com
1 staging.windowsreport.com 1 redirects
1 www.google.de windowsreport.com
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com cdn.windowsreport.com
1 adservice.google.de cdn.windowsreport.com
1 z-na.amazon-adsystem.com windowsreport.com
100 28

This site contains links to these domains. Also see Links.

Domain
www.reimageplus.com
cdn.windowsreport.com
toolslib.net
store.malwarebytes.com
www.addthis.com
Subject Issuer Validity Valid
windowsreport.com
Let's Encrypt Authority X3		 2018-11-04 -
2019-02-02		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-05-06 -
2019-08-05		 a year crt.sh
z-na.amazon-adsystem.com
Amazon		 2018-06-25 -
2019-06-25		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
staging.windowsreport.com
Let's Encrypt Authority X3		 2018-11-04 -
2019-02-02		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2018-03-12 -
2019-03-12		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2018-10-23 -
2019-06-26		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2018-05-30 -
2020-09-01		 2 years crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
misc-sni.google.com
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
*.appspot.com
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
www.assoc-amazon.com
Amazon		 2018-06-06 -
2019-06-06		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon		 2018-05-10 -
2019-05-10		 a year crt.sh

This page contains 4 frames:

Primary Page: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Frame ID: A4A78B18E203E8B4FC65B11C389CE284
Requests: 55 HTTP requests in this frame

Frame: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Frame ID: 59949C624DC3EB641D2C386EAF6132E8
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Frame ID: 03E157BF16D0DB3D2FF29CAE214BA42A
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Frame ID: 6FD326B3064ED0EBF4701EEBCC8C854F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^addthis/i
Overall confidence: 100%
Detected patterns
  • env /^DISQUS/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

100
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

28
Subdomains

23
IPs

4
Countries

1106 kB
Transfer

3581 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2009420948&t=pageview&_s=1&dl=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&ul=en-us&de=UTF-8&dt=Fix%3A%20MsMpEng.exe%20causes%20high%20CPU%20usage%20on%20Windows%2010%2C%20Windows%207&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1256225357&gjid=1744995497&cid=743812715.1545331253&tid=UA-47204784-3&_gid=300071285.1545331253&_r=1&z=1830579612 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_gid=300071285.1545331253&gjid=1744995497&_v=j72&z=1830579612 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612&slf_rd=1&random=3519351585
Request Chain 23
  • https://staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png HTTP 302
  • https://cdn.staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
Request Chain 65
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP 0
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
windowsreport.com/msmpeng-exe-high-cpu-usage/ 		106 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
00a7dd60bc7fab7904f41946947c1d248e5dee22fa9d29ab282367f79b2de293

Request headers

:method
GET
:authority
windowsreport.com
:scheme
https
:path
/msmpeng-exe-high-cpu-usage/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 20 Dec 2018 18:40:52 GMT
content-type
text/html; charset=UTF-8
link
<https://windowsreport.com/wp-json/>; rel="https://api.w.org/" <https://windowsreport.com/?p=42063>; rel=shortlink
vary
Accept-Encoding, Cookie
last-modified
Thu, 20 Dec 2018 16:20:09 GMT
x-presslabs-stats
EXPIRED; 0.246s; 35 queries; desktop; ttl 86400s; refresh in 77957s
content-encoding
gzip
x-request-id
bf1e89799bdcba34191e6f3dccd1030e
6de16fc130041c19f4d7877e77980334.css
cdn.windowsreport.com/wp-content/cache/min/1/ 		284 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.windowsreport.com/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
afff4cc38ce2ada34c1fb3d1083c57e2890241fa43f2ca344d01e668731e8d7c

Request headers

:path
/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Tue, 18 Dec 2018 15:02:57 GMT
server
nginx
etag
W/"5c190c21-4703b"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
0153866b8fd2808c4ca36e9516c187d1
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400i%7CDroid+Serif%3A700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A400%2C700&ver=1.0.4
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5d4bfda2066d6ca971ebb8364b5d27d3f3bcfd8311ec1103465aa8010109b954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:52 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 20 Dec 2018 18:40:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:52 GMT
Logo_win1.svg
cdn.windowsreport.com/wp-content/uploads/2015/11/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/uploads/2015/11/Logo_win1.svg
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
57fb8ace898d66c58be20f4529f92726da6017021a7b7597be461986874fec09

Request headers

:path
/wp-content/uploads/2015/11/Logo_win1.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2015 08:37:37 GMT
server
nginx
etag
W/"563b1551-2ef2"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age = 315360000
x-request-id
1db9091bc159ab09eb05962269d07a6a
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-wr-desktop.png
cdn.windowsreport.com/wp-content/themes/windowsbuzz/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/themes/windowsbuzz/assets/images/logo-wr-desktop.png
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
993478951f95680f656b9ae25533a4e8ce165c207eee99be97e1fb9853f4255e

Request headers

:path
/wp-content/themes/windowsbuzz/assets/images/logo-wr-desktop.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 16:18:12 GMT
server
nginx
etag
W/"5c128644-1649"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
1db9091bc159ab09eb05962269d07a6a
expires
Thu, 31 Dec 2037 23:55:55 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		350 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
360b1613f5f53960ba8480a0eca10c4ecb4904fcd2afe6c61f754282e5a8c889

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Fri, 07 Dec 2018 15:34:47 GMT
etag
"5c0a9317-5762f"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
bundle.js
cdn.windowsreport.com/wp-content/plugins/wordlift/js/dist/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.windowsreport.com/wp-content/plugins/wordlift/js/dist/bundle.js?ver=3.19.5
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
8d9da0061165446289cbe0c502137799056d1af3f80c063e8d7b219d38ce3ed2

Request headers

:path
/wp-content/plugins/wordlift/js/dist/bundle.js?ver=3.19.5
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 16:18:12 GMT
server
nginx
etag
W/"5c128644-5be"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
1ca36346a046d458abbedbd3c60a25ea
expires
Thu, 31 Dec 2037 23:55:55 GMT
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=76994584-a99a-42c9-b3d3-03987f89c368
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.99.120 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-99-120.fra50.r.cloudfront.net
Software
Server /
Resource Hash
9adb8d668a191b1b2434af82cf7c0ea59ff981993b4fcdbaf1ca1efd336c9aed

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 19 Dec 2018 20:23:24 GMT
content-encoding
gzip
age
80248
x-cache
Hit from cloudfront
status
200
cneonction
close
content-length
7302
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
pragma
Public
server
Server
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-id
ETqZAkL3zgIxuWFhSruocDjFgOIoM0c7YjFbbp4bWOI4t_V9oqqpRQ==
expires
Wed, 19 Dec 2018 20:28:24 GMT
dfdf7f6d4193439e0813a17366c7a74a.js
cdn.windowsreport.com/wp-content/cache/min/1/ 		274 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
7e3536b473a693c28310d049b997a52bb4b2a78dc79aaafc7ec86e93154dd3d1

Request headers

:path
/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 15:42:20 GMT
server
nginx
etag
W/"5c1bb85c-44706"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
623ce29835e6ad950bc7de7682d452cf
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Response headers

Content-Type
image/gif
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400i%7CDroid+Serif%3A700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A400%2C700&ver=1.0.4
Origin
https://windowsreport.com

Response headers

date
Wed, 12 Dec 2018 18:35:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
691499
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8892
x-xss-protection
1; mode=block
expires
Thu, 12 Dec 2019 18:35:53 GMT
search.png
cdn.windowsreport.com/wp-content/themes/windowsbuzz/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/themes/windowsbuzz/assets/images/search.png
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
3c459ed7d4f570bbe550d52d7410954041052617a3258d17796049f126502b8d

Request headers

:path
/wp-content/themes/windowsbuzz/assets/images/search.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://cdn.windowsreport.com/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
:scheme
https
:method
GET
Referer
https://cdn.windowsreport.com/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 16:18:12 GMT
server
nginx
etag
W/"5c128644-b48"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
5cd3c67f9ac888f2cd8fba4ff5d352d6
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400i%7CDroid+Serif%3A700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A400%2C700&ver=1.0.4
Origin
https://windowsreport.com

Response headers

date
Tue, 18 Dec 2018 13:12:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
192498
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8800
x-xss-protection
1; mode=block
expires
Wed, 18 Dec 2019 13:12:34 GMT
tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
fonts.gstatic.com/s/droidserif/v8/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v8/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c0d9118bc9fe475ca6cf7f36715a68424a8cdfa2af81cf6c9f363f093d65a899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400i%7CDroid+Serif%3A700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A400%2C700&ver=1.0.4
Origin
https://windowsreport.com

Response headers

date
Tue, 18 Dec 2018 13:33:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:00 GMT
server
sffe
age
191229
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13136
x-xss-protection
1; mode=block
expires
Wed, 18 Dec 2019 13:33:43 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5994
Redirect Chain
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
42 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Fri, 07 Dec 2018 21:39:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1112511
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:39:01 GMT
truncated
/ 		26 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20fabfa803d080cde34001dc0371473d089cb619e20ea2e1d99c16832af9ed1f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://windowsreport.com

Response headers

Content-Type
application/font-woff;charset=utf-8
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400i%7CDroid+Serif%3A700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A400%2C700&ver=1.0.4
Origin
https://windowsreport.com

Response headers

date
Sat, 08 Dec 2018 16:23:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:48 GMT
server
sffe
age
1045039
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12352
x-xss-protection
1; mode=block
expires
Sun, 08 Dec 2019 16:23:33 GMT
lazyload-10.17.min.js
cdn.windowsreport.com/wp-content/plugins/wp-rocket/inc/front/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.windowsreport.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.17.min.js
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
312e71f4f53cd28a50eaa9cdfffc02a6056e7e888d5774163159be56f50920e3

Request headers

:path
/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.17.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Tue, 18 Dec 2018 14:38:07 GMT
server
nginx
etag
W/"5c19064f-140a"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f5d95ae571e66bdacd5addc615307866
expires
Thu, 31 Dec 2037 23:55:55 GMT
N4I6g9KqHozN.js
windowsreport.com/ 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsreport.com/N4I6g9KqHozN.js?ts=8914
Requested by
Host: cdn.windowsreport.com
URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d

Request headers

:path
/N4I6g9KqHozN.js?ts=8914
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
last-modified
Tue, 24 Apr 2018 10:03:37 GMT
server
nginx
etag
W/"5adf00f9-5c4"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache
x-request-id
892478e2b2c3654b8e74d07b1a535fb0
expires
Thu, 01 Jan 1970 00:00:01 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=windowsreport.com
Requested by
Host: cdn.windowsreport.com
URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=windowsreport.com
Requested by
Host: cdn.windowsreport.com
URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_285.js
securepubads.g.doubleclick.net/gpt/ 		185 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Requested by
Host: cdn.windowsreport.com
URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 Dec 2018 19:48:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
64605
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
overlay.png
cdn.windowsreport.com/wp-content/plugins/cookie-law-info-modified/images/ 		135 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/plugins/cookie-law-info-modified/images/overlay.png
Requested by
Host: cdn.windowsreport.com
URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
4b456e49e6c017d53be594d467c4508368dbe32ea0fd52a4b0718d5dc1862d51

Request headers

:path
/wp-content/plugins/cookie-law-info-modified/images/overlay.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://cdn.windowsreport.com/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
:scheme
https
:method
GET
Referer
https://cdn.windowsreport.com/wp-content/cache/min/1/6de16fc130041c19f4d7877e77980334.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
last-modified
Thu, 13 Dec 2018 16:18:11 GMT
server
nginx
etag
"5c128643-87"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
135
x-request-id
15fae16bab4404aa083afcc64640c697
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2009420948&t=pageview&_s=1&dl=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&ul=en-us&de=UTF-8&dt=Fix%3A%20MsMpEng.exe%20cau...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_gid=300071285.1545331253&gjid=1744995497&_v=j72&z=1830579612
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612&slf_rd=1&random=3519351585
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612&slf_rd=1&random=3519351585
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Dec 2018 18:40:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Dec 2018 18:40:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47204784-3&cid=743812715.1545331253&jid=1256225357&_v=j72&z=1830579612&slf_rd=1&random=3519351585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
5-stars-trustpilot-orange.png
cdn.staging.windowsreport.com/wp-content/uploads/2018/05/
Redirect Chain
  • https://staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
  • https://cdn.staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.115.114.66 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
ee8352cf2610fd6c436cefe16b8ed07bd4a7c8da888465ed0c6b2f2058efefa8

Request headers

:path
/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.staging.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:41:00 GMT
content-encoding
gzip
last-modified
Fri, 26 Oct 2018 12:39:53 GMT
server
nginx
etag
W/"5bd30b19-589"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-request-id
8f799e1c715aca5225d678ae034c6ba4
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Thu, 20 Dec 2018 18:41:00 GMT
server
nginx
status
302
vary
Accept-Encoding
content-type
text/html
location
https://cdn.staging.windowsreport.com/wp-content/uploads/2018/05/5-stars-trustpilot-orange.png
cache-control
max-age = 315360000
x-robots-tag
noindex, nofollow
content-length
154
x-request-id
4514247dd0b060a7ec591c886fb19263
expires
Thu, 31 Dec 2037 23:55:55 GMT
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-56b7288c46ce7c2e/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthisedge.com/live/boost/ra-56b7288c46ce7c2e/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
06530131fa33701a5841c404996a8cbce7730113f4b91c071a15c69e2c922d7c

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
content-encoding
gzip
surrogate-key
ra-56b7288c46ce7c2e
server
Jetty(9.4.8.v20180619)
etag
-468587581--gzip
vary
Accept-Encoding
cache-tag
ra-56b7288c46ce7c2e
status
200
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
836
getad
aax-us-east.amazon-adsystem.com/x/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-76994584-a99a-42c9-b3d3-03987f89c368%22%2C%22tracking_id%22%3A%22growmedia-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22growmedia-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=76994584-a99a-42c9-b3d3-03987f89c368
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.33 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
9958778c9ef7b0a8c6ac06f5949a2f9e02b747139ae79dd573229e0edb828267

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 18:40:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Server
Server
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
collect
www.google-analytics.com/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=2009420948&t=event&_s=2&dl=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&ul=en-us&de=UTF-8&dt=Fix%3A%20MsMpEng.exe%20causes%20high%20CPU%20usage%20on%20Windows%2010%2C%20Windows%207&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ads&ea=view&_u=KEBAAEAB~&jid=&gjid=&cid=743812715.1545331253&tid=UA-47204784-3&_gid=300071285.1545331253&z=1631116000
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Dec 2018 07:30:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
126614
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=2009420948&t=event&_s=3&dl=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&ul=en-us&de=UTF-8&dt=Fix%3A%20MsMpEng.exe%20causes%20high%20CPU%20usage%20on%20Windows%2010%2C%20Windows%207&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ads&ea=view&_u=KEBAAEAB~&jid=&gjid=&cid=743812715.1545331253&tid=UA-47204784-3&_gid=300071285.1545331253&z=2039140625
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Dec 2018 07:30:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
126614
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=2009420948&t=event&_s=4&dl=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&ul=en-us&de=UTF-8&dt=Fix%3A%20MsMpEng.exe%20causes%20high%20CPU%20usage%20on%20Windows%2010%2C%20Windows%207&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ads&ea=view&_u=KEBAAEAB~&jid=&gjid=&cid=743812715.1545331253&tid=UA-47204784-3&_gid=300071285.1545331253&z=2049469011
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Dec 2018 07:30:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
126614
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
madeleine-dean-3-64x64.jpg
cdn.windowsreport.com/wp-content/uploads/2018/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/uploads/2018/02/madeleine-dean-3-64x64.jpg
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
1c04a8931a29afef114cb7a70965a364383ad6c4152931fe80e8afb744bfb671

Request headers

:path
/wp-content/uploads/2018/02/madeleine-dean-3-64x64.jpg
pragma
no-cache
cookie
_ga=GA1.2.743812715.1545331253; _gid=GA1.2.300071285.1545331253; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
last-modified
Tue, 30 Oct 2018 11:16:39 GMT
server
nginx
etag
"5bd83d97-62f"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
1583
x-request-id
fa17a8477127d8c7693f902f6cfa3e40
expires
Thu, 31 Dec 2037 23:55:55 GMT
msmpeng-exe-high-cpu-usage.jpg
cdn.windowsreport.com/wp-content/uploads/2016/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.windowsreport.com/wp-content/uploads/2016/07/msmpeng-exe-high-cpu-usage.jpg
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
2ed77b0c4df1a95818e4b8896dac3cb46117b02e391b59f45e0d05c774884dd7

Request headers

:path
/wp-content/uploads/2016/07/msmpeng-exe-high-cpu-usage.jpg
pragma
no-cache
cookie
_ga=GA1.2.743812715.1545331253; _gid=GA1.2.300071285.1545331253; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:52 GMT
last-modified
Tue, 31 Oct 2017 10:42:05 GMT
server
nginx
etag
"59f8537d-6052"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
24658
x-request-id
fa17a8477127d8c7693f902f6cfa3e40
expires
Thu, 31 Dec 2037 23:55:55 GMT
layers.c387ea0d8ef6d16b44e4.js
s7.addthis.com/static/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.c387ea0d8ef6d16b44e4.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be5d411b5193346b9e9b033e7f8dba791d8150c114758e75aac7ab1f6523301b

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
content-encoding
gzip
last-modified
Thu, 29 Nov 2018 19:12:06 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
ads-beacon.js
windowsreport.com/ 		81 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsreport.com/ads-beacon.js?ts=7034
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/N4I6g9KqHozN.js?ts=8914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.186.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
06dd7353ee23b5fe89ab19d1c01a0a8b8cacd3bdb755f7e2281acecc6ea37114

Request headers

:path
/ads-beacon.js?ts=7034
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
windowsreport.com
referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
:scheme
https
:method
GET
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache
x-request-id
e80f58e36df53f9f5babc49c56073f4b
expires
Thu, 01 Jan 1970 00:00:01 GMT
14.e24bd776b1b9bc9a49f7.js
s7.addthis.com/static/ 		397 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/14.e24bd776b1b9bc9a49f7.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
996420c6fbcdb1e9a21ecb91ddef2fb49c7a0a968e420cd2aa14424e84123288

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
last-modified
Thu, 04 Oct 2018 14:45:17 GMT
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
397
126.84e45ace391f9e75d402.js
s7.addthis.com/static/ 		418 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/126.84e45ace391f9e75d402.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f935331ff81984f9961a2068163dcf109ce4578d14877cb21cda3771773686b4

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
last-modified
Thu, 29 Nov 2018 19:12:06 GMT
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
418
/
graph.facebook.com/ 		163 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=_ate.cbs.rcb_8pqx0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e41a0e6e3635607f4de54907128f5022334fedab601dbdf3cb022bb522787e99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
VHxertAdzKSmEkDQo9X1U0MLLfk1ZB8TEDvPoL8xq8egTZM9l8+2FLz8LjoBgL3mSxNIiV2+ZMZiYRyUuaN4EQ==
x-fb-trace-id
CE2KeiC/oYp
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
access-control-allow-origin
*
etag
"5436a86196c871b94a5fd397491fb56cfd9438e0"
strict-transport-security
max-age=15552000; preload
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, no-cache, no-store, must-revalidate
date
Thu, 20 Dec 2018 18:40:54 GMT
x-fb-rev
4651380
facebook-api-version
v2.8
content-length
163
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
widgets.pinterest.com/v1/urls/ 		100 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=window._ate.cbs.rcb_2dnr0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3a369aadde81f32378e9a55c978c2cc385b521a57d6e52b2f0a1459485ad40d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host
widgets.pinterest.com
Date
Thu, 20 Dec 2018 18:41:01 GMT
x-content-type-options
nosniff
x-compress-hint
on
Age
7
Transfer-Encoding
chunked
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
0
Connection
keep-alive
x-pinterest-rid
562766584881
expires
Thu, 20 Dec 2018 18:55:54 GMT
share
www.linkedin.com/countserv/count/ 		125 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=atajsshctcbSOlMn
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:109:c002::6cae:a0a , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6978ace6ad07aeec8b5f8fdaff14c33f0dfddf9120f655741295a3d038ce6cc0
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-li-pop
prod-edc2
x-li-uuid
zJPLhpYechUAIi/QGysAAA==
pragma
no-cache
server
Apache-Coyote/1.1
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
shares.json
api-public.addthis.com/url/ 		33 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=_ate.cbs.rcb_8kgf0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c0c7e88fb621d08fb29031f27d1d80566c0811dde6ad3d493e97eb21f34b44d

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
gzip
surrogate-key
windowsreport.com/msmpeng-exe-high-cpu-usage/
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
vary
Accept-Encoding
x-varnish
2414525993
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges
bytes
content-type
application/json
content-length
53
/
graph.facebook.com/ 		548 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=_ate.cbs.rcb_9oow0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6b5f136a4b15dd23118180ca54af5b9ecb20f19799b44a5ed86993d58d6303d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Thu, 20 Dec 2018 18:40:54 GMT
x-fb-rev
4651380
content-length
306
pragma
no-cache
x-fb-debug
U9idPHLJGiN3zi7WaPny7Ct8WMfkADt4WTm7hZO0n2GLAWuaPujvEDar+cUASXhMHBwP+UST6F8H2t5Sb1LlRA==
x-fb-trace-id
AgCsEbbDaXh
etag
"ea6da5920ca327118a816da9533a11c304d54f6b"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.8
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
widgets.pinterest.com/v1/urls/ 		99 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=window._ate.cbs.rcb_26t10
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
70a903f22a4c30accb036af7399ba29cae74d185d08fbb2ddae6b2e4ca9f600c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host
widgets.pinterest.com
Date
Thu, 20 Dec 2018 18:41:02 GMT
x-content-type-options
nosniff
x-compress-hint
on
Age
0
Transfer-Encoding
chunked
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
1
Connection
keep-alive
x-pinterest-rid
558085737577
expires
Thu, 20 Dec 2018 18:56:02 GMT
share
www.linkedin.com/countserv/count/ 		124 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?url=http%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=atajsshctcbpZCfn
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:109:c002::6cae:a0a , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f584b85d50c501bae1837082a43eadac741057468421991f824b424c70b90665
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-li-pop
prod-edc2
x-li-uuid
7D9Mh5YechUgjE1SGisAAA==
pragma
no-cache
server
Apache-Coyote/1.1
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
shares.json
api-public.addthis.com/url/ 		33 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&callback=_ate.cbs.rcb_gvdz0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
932e4adf60fc1acf90f5bdf50ea3a3b41e2b421e68432a3e139cdff882424520

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
gzip
surrogate-key
windowsreport.com/msmpeng-exe-high-cpu-usage/
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
vary
Accept-Encoding
x-varnish
2658273186
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges
bytes
content-type
application/json
content-length
53
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		513 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2928325066268892&correlator=76048881319629&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062287&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F52555387%2Fwindowsreport.com_300x250&sz=300x250&scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm140%26yb_tt%3Dtt6%26yb_ff%3D0%26yb_th%3D10%26yb_tm%3D40%26yb_wd%3D4&cookie_enabled=1&bc=15&abxe=1&lmt=1545322809&dt=1545331254281&dlt=1545331252595&idt=1660&frm=20&biw=1585&bih=1200&oid=3&adx=1036&ady=108&adk=1554723562&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&dssz=38&icsg=820641792&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=305x250&msz=305x250&ga_vid=1553637549.1545331254&ga_sid=1545331254&ga_hid=2009420948&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
f975012d57c9c0ae0b4a4a66effc81f4f466edeee78ba580131dd2a984235a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
333
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://windowsreport.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_285.js
securepubads.g.doubleclick.net/gpt/ 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 Dec 2018 19:48:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
21933
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2928325066268892&correlator=76048881319629&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062287&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F52555387%2Fwindowsreport.com_300x250&sz=300x250&scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm136%26yb_tt%3Dtt9%26yb_ff%3D1%26yb_th%3D10%26yb_tm%3D40%26yb_wd%3D4&cookie_enabled=1&bc=15&abxe=1&lmt=1545322809&dt=1545331254296&dlt=1545331252595&idt=1660&frm=20&biw=1585&bih=1200&oid=3&adx=1036&ady=366&adk=2401883873&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&dssz=39&icsg=140738308997120&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=305x250&msz=305x250&ga_vid=1553637549.1545331254&ga_sid=1545331254&ga_hid=2009420948&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
993f7a0991d663dce7c8701da73b2a4794fe8a21bf6c08a9a6db57c74852f4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com

Response headers

date
Thu, 20 Dec 2018 18:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9639
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://windowsreport.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2928325066268892&correlator=76048881319629&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062287&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F52555387%2Fwindowsreport.com_300x600_1&sz=300x600&scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm81%26yb_tt%3Dtt8%26yb_ff%3D1%26yb_th%3D10%26yb_tm%3D40%26yb_wd%3D4&cookie_enabled=1&bc=15&abxe=1&lmt=1545322809&dt=1545331254304&dlt=1545331252595&idt=1660&frm=20&biw=1585&bih=1200&oid=3&adx=1036&ady=5573&adk=379014135&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&dssz=39&icsg=140738308997120&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=305x600&msz=305x600&ga_vid=1553637549.1545331254&ga_sid=1545331254&ga_hid=2009420948&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9bc80277fedc90e068ec9d2cf1f46e5c03f2d3e8ce8b1a7893829c997fc73d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com

Response headers

date
Thu, 20 Dec 2018 18:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9775
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://windowsreport.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2928325066268892&correlator=76048881319629&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21062287&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F52555387%2Fwindowsreport.com_728x90&sz=728x90&scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm72%26yb_tt%3Dtt9%26yb_ff%3D0%26yb_th%3D10%26yb_tm%3D40%26yb_wd%3D4&cookie_enabled=1&bc=15&abxe=1&lmt=1545322809&dt=1545331254325&dlt=1545331252595&idt=1660&frm=20&biw=1585&bih=1200&oid=3&adx=242&ady=417&adk=3510700742&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F&dssz=39&icsg=140738308997120&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=738x90&msz=738x90&ga_vid=1553637549.1545331254&ga_sid=1545331254&ga_hid=2009420948&fws=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a27b256745aae3be0abc918f1aa1f4acb0d88b44ac78f2cafe322dcdcffbf68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com

Response headers

date
Thu, 20 Dec 2018 18:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9546
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://windowsreport.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011812051624460/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
204512
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7754
x-xss-protection
1; mode=block
server
sffe
date
Tue, 18 Dec 2018 09:52:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858d6f79c108609a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2019 09:52:22 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011812051624460/ Frame 03E1 		268 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
685907
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
86897
x-xss-protection
1; mode=block
server
sffe
date
Wed, 12 Dec 2018 20:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"492d4f08a6978e21"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2019 20:09:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 03E1 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
126440
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
41338
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 07:33:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"87cac6d139ce71e0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 07:33:34 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 03E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
137321
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1602
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 04:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08ba1591bee48831"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 04:32:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 03E1 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
165309
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12653
x-xss-protection
1; mode=block
server
sffe
date
Tue, 18 Dec 2018 20:45:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c6931f03758769d2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2019 20:45:45 GMT
css
fonts.googleapis.com/ Frame 03E1 		7 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 20 Dec 2018 18:40:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
css
fonts.googleapis.com/ Frame 03E1 		4 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d821701db1212a6143bb0de1714bc0989a2639ce5c42062f9ec755784680f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 20 Dec 2018 18:40:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:38:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26696
x-xss-protection
1; mode=block
server
cafe
etag
10366987592970477111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Dec 2018 19:38:50 GMT
16990697308791947147
tpc.googlesyndication.com/daca_images/simgad/ Frame 03E1 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16990697308791947147?sqp=-oaymwEOCNgEELoCIAFISFABWAE&rs=AOga4qlzboXhCWiQzkvcL8tVsYUpXO-IlA
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e70e54ab00480bb92bd007a7509f120c78180d99de5dc452b3841597945689e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 07:39:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Oct 2018 05:49:19 GMT
server
sffe
age
212457
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
33285
x-xss-protection
1; mode=block
expires
Tue, 25 Dec 2018 07:39:57 GMT
10039072475505396402
tpc.googlesyndication.com/daca_images/simgad/ Frame 03E1 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/10039072475505396402?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlIpVVh9r-h_BZqoektLvKEQyEu7w
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4be00115fa3cdafc8cb80d817119f2b6b0b9e191d4084f2643d70e66cd47c08a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 09:51:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 14:14:31 GMT
server
sffe
age
31739
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13586
x-xss-protection
1; mode=block
expires
Thu, 27 Dec 2018 09:51:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 03E1 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKKuANuIbXJqGIbKx1fAPhp64-A-GgJq_VMGgurjcCGQQASCb3IkiYJWCgICUB6ABjfC5yQPIAQapAqgNrMYMM7U-4AIAqAMByAMKqgTuAU_QoqC82Byah2n-iD-CEfiduEoVV-XRXkFfy-hFHqOegroU323suV7IH9GPOz9nYJoJEuM8UkSs3W6yPIEVivda2N5kJQ0KRthiYXdzjGVwb_MR9BxWdeYq4Xsa5Xd8Tfjm5geyc3Oez2UMXPimBV8NaOmK30T8twcmewMdVAlk-cThnA9tpV_bqQpTsMecDR7ooYQDAcRomQKdahxxD30KpeZ_9MBTwJXf8eQd8wWeR8pddbcSJBY0p-hRogaq8zanVF8uWB3ZxFXbumb3--33zumtcQIsv88iTn0C22j5filhkMB1RD3fOHavUIjABPL9jqTxAeAEAZIFBAgEGAGSBQQIBRgEoAY3gAfbj8Y2qAeOzhuoB9XJG6gHqAaoB9nLG6gHz8wbqAemvhvYBwHyBwQQwLQT0ggJCIDhgBAQARgB8ggbYWR4LXN1YnN5bi0zNjc3MTM5NDk4MTA2Mjg4gAoD2BMM&sigh=7eV9Xd_TTi8&template_id=492&tpd=AGWhJmtEee8GHICr93BqTEeY-2-ri-46Mazx-fXN01yGepeAiA
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 03E1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 13:18:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
19335
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2502
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 13:18:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 03E1 		295 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:11:39 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
1755
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 18:11:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03E1 		10 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Fri, 07 Dec 2018 21:39:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1112511
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:39:01 GMT
truncated
/ Frame 03E1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15be26526c1eebe750e1651e516e0c3a150d0c737004e86d2adea16b0183915c

Request headers

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5994
Redirect Chain
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
  • https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
42 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 10:07:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
30783
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10788
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 10:07:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 03E1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 20 Dec 2018 18:40:55 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
246
x-xss-protection
1; mode=block
amp4ads-v0.js
cdn.ampproject.org/rtv/011812051624460/ Frame 6FD3 		268 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
685907
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
86897
x-xss-protection
1; mode=block
server
sffe
date
Wed, 12 Dec 2018 20:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"492d4f08a6978e21"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2019 20:09:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 6FD3 		129 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
126440
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
41338
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 07:33:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"87cac6d139ce71e0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 07:33:34 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 6FD3 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
137321
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1602
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 04:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08ba1591bee48831"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 04:32:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 6FD3 		35 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
165309
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12653
x-xss-protection
1; mode=block
server
sffe
date
Tue, 18 Dec 2018 20:45:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c6931f03758769d2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2019 20:45:45 GMT
css
fonts.googleapis.com/ Frame 6FD3 		7 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:55 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 20 Dec 2018 18:40:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:55 GMT
css
fonts.googleapis.com/ Frame 6FD3 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d821701db1212a6143bb0de1714bc0989a2639ce5c42062f9ec755784680f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 20 Dec 2018 18:40:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FD3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 13:18:39 GMT
x-content-type-options
nosniff
server
cafe
age
19335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2502
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 13:18:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FD3 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 18:11:39 GMT
x-content-type-options
nosniff
server
cafe
age
1755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 18:11:39 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5747822190314332238/ Frame 6FD3 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5747822190314332238/downsize_200k_v1?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlrqil25BawzeWXqwZfaEFjUBxDiQ
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab94419de96b9694fe05c2aa1811434ba094f94b292c0a0fa694c033bcd0776c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 10 Dec 2018 15:34:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Nov 2018 12:30:08 GMT
server
sffe
age
875187
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
43074
x-xss-protection
1; mode=block
expires
Tue, 10 Dec 2019 15:34:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4065884591389630697/ Frame 6FD3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4065884591389630697/downsize_200k_v1?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4ql0OVOdgAxia0u7J2GzAEzniXfTwg
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3bf4d7ead905d2d7bf460cee16f77817ecd3b391b90c627c565aecfbfd4b92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:36:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Nov 2018 15:59:11 GMT
server
sffe
age
282
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
30780
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 18:36:13 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6FD3 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca4Q9NuIbXNLLMIjItwewjbbQBbD6l9JUvr35wLsIwI23ARABIJvciSJglYKAgJQHoAGcutPeA8gBBuACAKgDAcgDCqoEzwFP0Bjn9B3k_wExYdrhTrLm7aRw_YPHvh_mY-xaQpQ432R5WRBr9Wr0j2yhbGgvXM4oaNvB1k7bfO1eM1WEodKL18lCpBDjuRkuBvRcVXt5cQF9pQxRttufl0CIynuktjNUEM_tdhCc1y50kIZhPS9aZmFbNCH80QWlQ47JDewy-I0p9XhQKenxkkye5cltyfSVipawx9RR_KskJYxVJ7kIiEiiW1eo140SxClUjaICNmRVgrWihjU4wZ28e7DL4mjDeykSbwiaCf0O7w7kAhrABLOYgs7uAeAEAZIFBAgEGAGSBQQIBRgEoAY3gAfMxawhqAeOzhuoB9XJG6gHqAaoB9nLG6gHz8wbqAemvhvYBwHyBwQQvpFd0ggJCIDhgBAQARgB8ggbYWR4LXN1YnN5bi0zNjc3MTM5NDk4MTA2Mjg4gAoD2BMMiBQB&sigh=PiR-tV-CLMM&template_id=492&tpd=AGWhJmvA8lhwNWSkK4sTKOR7FJMkkt9JA05G14vJ5mdRdmqqUg
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
truncated
/ Frame 6FD3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c806b7a69f02bb497a042ec3c59cb4638a7931e5b24e50e5132147043da3e87f

Request headers

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6FD3 		10 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Fri, 07 Dec 2018 21:39:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1112511
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:39:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6FD3 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 10:07:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
30783
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10788
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 10:07:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6FD3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 20 Dec 2018 18:40:55 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
246
x-xss-protection
1; mode=block
amp4ads-v0.js
cdn.ampproject.org/rtv/011812051624460/ Frame 5994 		268 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
685908
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
86897
x-xss-protection
1; mode=block
server
sffe
date
Wed, 12 Dec 2018 20:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"492d4f08a6978e21"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2019 20:09:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 5994 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
126441
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
41338
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 07:33:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"87cac6d139ce71e0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 07:33:34 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 5994 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
137322
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1602
x-xss-protection
1; mode=block
server
sffe
date
Wed, 19 Dec 2018 04:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08ba1591bee48831"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2019 04:32:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 5994 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
165310
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12653
x-xss-protection
1; mode=block
server
sffe
date
Tue, 18 Dec 2018 20:45:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c6931f03758769d2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2019 20:45:45 GMT
css
fonts.googleapis.com/ Frame 5994 		4 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d821701db1212a6143bb0de1714bc0989a2639ce5c42062f9ec755784680f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:55 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 20 Dec 2018 18:40:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:55 GMT
css
fonts.googleapis.com/ Frame 5994 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d821701db1212a6143bb0de1714bc0989a2639ce5c42062f9ec755784680f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 20 Dec 2018 18:40:54 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 20 Dec 2018 18:40:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 18:40:54 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5994 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 13:18:39 GMT
x-content-type-options
nosniff
server
cafe
age
19335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2502
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 13:18:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5994 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 18:11:39 GMT
x-content-type-options
nosniff
server
cafe
age
1755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 18:11:39 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3133012803359057204/ Frame 5994 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3133012803359057204/downsize_200k_v1?sqp=-oaymwEOCNgEELoCIAFISFABWAE&rs=AOga4qknvYDNAg8GLYbLTWMO6meoOuVp-w
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae93c55b92ee1223051857d61953f0c8859b149f5169e53e262fdacf8682a4f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:38:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Dec 2018 14:39:53 GMT
server
sffe
age
147
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
50411
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 18:38:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14561242361268952570/ Frame 5994 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14561242361268952570/downsize_200k_v1?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qndC6YTlB1NejotIP3MJVQiaArFDA
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
191027755d9af9c1a1d4b9bc1383389888a9e10bd11081b3f7621a65925dfb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 18:16:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Dec 2018 14:39:52 GMT
server
sffe
age
1438
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2276
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 18:16:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5994 		0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4l3SN-IbXIOLBIP4xgOD-qIYyqu-uVT-g5L_pQj-gsCQ7QsQASCb3IkiYJWCgICUB6AByo7yzAPIAQapAm3TmnlmNLM-4AIAqAMByAMKqgTXAU_QpQnb0j_cw0-2C2J19eDLCr-1ZDnlxx17e5tqObWudZbxHVA-s4mJI2xEegrO1Aed3eZURMosXGJxZ1M6c-gWdSEQdRv4qcTw19SIyPgflfpEnotVmWiQk95SUDVVxkridnRfaFn2WqjGbN4091FWQnYcS-lBH1ArzG8owcjVL60gAkXpQ4G0rrJggqgi81Owxx8GY2KAdI02OrJp_LQsS2uB_2TWJyil6KINLrJ7sOZWpaEshTIGiBA6E_BB7niYXL07C4XH6T2KgmDqeUD3XO5Z5RycwAS3mPGSuQHgBAGSBQQIBBgBkgUECAUYBKAGN4AHnvGNM6gHjs4bqAfVyRuoB6gGqAfZyxuoB8_MG6gHpr4b2AcB8gcEEP6xDdIICQiA4YAQEAEYAfIIG2FkeC1zdWJzeW4tMzY3NzEzOTQ5ODEwNjI4OIAKA9gTDA&sigh=IH_M00tNTLM&template_id=492&tpd=AGWhJmsMltEkrTC7lTs8YVf0zM-QqVqw_bDNamAUz0OqObuO8A
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5994 		10 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Fri, 07 Dec 2018 21:39:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1112511
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:39:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5994 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 20 Dec 2018 10:07:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
30783
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10788
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 10:07:51 GMT
truncated
/ Frame 5994 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc0301fabb63c6851a9b3f4ae93ab08a784c9c47d9fd3f6f33640a40e3c62f7c

Request headers

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5994
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 20 Dec 2018 18:40:55 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
246
x-xss-protection
1; mode=block
r
amp-error-reporting.appspot.com/ Frame 03E1 		2 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 20 Dec 2018 18:40:55 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2
r
amp-error-reporting.appspot.com/ Frame 6FD3 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 20 Dec 2018 18:40:55 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 03E1 		42 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsto8zT3kNzHpIbsvVdUVAxTJaxK2xwru3IUd4Sd6zKVJdkmIVBZ25Kh-5GPN6Zd-5_G-Df1EzdP5iXZptI8XUHp_JWR2s87hLLFrkSK2_cIMll3CxP4GQ&sai=AMfl-YRBNoAn3y5V0fNeGKb1osFzXfQsjCacggn3pFpds7t1H6zqoxGB91vpF0hDjp0BNw1st7TvI5AfEUK9kR77FWdHUhNL9lJzgJk1tpLi&sig=Cg0ArKJSzEm_9uGRUZETEAE&id=ampim&o=1036,366&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=101&tls=1101&g=100&h=100&pt=42&tt=1102&rpt=42&rst=1545331254292&r=v&adk=2401883873&avms=ampa
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Dec 2018 18:40:56 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
aax-us-east.amazon-adsystem.com/x/px/QhXc7miRsioZytqpQX4lMDUAAAFnzOusIQEAAAFKARnkP0Y/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/QhXc7miRsioZytqpQX4lMDUAAAFnzOusIQEAAAFKARnkP0Y/?assoc_payload=%7B%22totalDocWidth%22%3A1585%2C%22totalDocHeight%22%3A22105%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Fix%3A%20MsMpEng.exe%20causes%20high%20CPU%20usage%20on%20Windows%2010%2C%20Windows%207%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22growmedia-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fwindowsreport.com%2Fmsmpeng-exe-high-cpu-usage%2F%22%7D
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.33 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Dec 2018 18:40:56 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
ir
ir-na.amazon-adsystem.com/e/ 		42 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ir-na.amazon-adsystem.com/e/ir?l=w49&t=growmedia-20&o=1&cb=1545331256423
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache
Connection
close
Content-Length
42
Content-Type
image/gif
cm_:onejs_load_evt@v=412,onejs_exec_time@v=3,aax_load_time@v=3467,aax_load_time_one_tag@v=3467,wdgt_load_time@v=3886,wdgt_load_time_DE@v=3886,wdgt_load_time_one_tag@v=3886,wdgt_load_time_invoke@v=3...
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=412,onejs_exec_time@v=3,aax_load_time@v=3467,aax_load_time_one_tag@v=3467,wdgt_load_time@v=3886,wdgt_load_time_DE@v=3886,wdgt_load_time_one_tag@v=3886,wdgt_load_time_invoke@v=3474,wdgt_load_time_invoke_one_tag@v=3474,wdgt_load_time_invoke_one_tag_DE@v=3474?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=c4ae46c0-a724-4682-9384-7ea930fe682a&session=c38c9fa7-543e-4660-b6c8-0b9d622a9341
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 18:40:56 GMT
x-amzn-RequestId
c9b4f93f-0486-11e9-a393-416883eb0ac9
Content-Type
text/plain
activeview
pagead2.googlesyndication.com/pcs/ Frame 5994 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHia4k_xCefF6GN9L3E4H-Y0198belw_d-6Jt4a2BuaVEfdZdX9eJzrxFeREJ1ZPDoQWHlvwQ11hKikemaOC-nUVc-LK_6W8UDVIQ_2BWLurA1LJmWmA&sai=AMfl-YT86YVI3uRP2DlBkJMEVSye6CoLJGagrh8zO4LbOM8lB1HqvPXvyYrUjAZmQR8Jv_as2-y0r5MkFEoOrSYXVqcBfrlu10RU4MafmIBo6A&sig=Cg0ArKJSzDUR7W4CKNjKEAE&id=ampim&o=242,417&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=61&tls=1061&g=100&h=100&pt=23&tt=1061&rpt=23&rst=1545331254314&r=v&adk=3510700742&avms=ampa
Requested by
Host: windowsreport.com
URL: https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Dec 2018 18:40:56 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame 5994 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://windowsreport.com/msmpeng-exe-high-cpu-usage/
Origin
https://windowsreport.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 20 Dec 2018 18:40:56 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| googletag string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_domain string| disqus_shortname string| disqus_title function| disqus_config function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| wlSettings object| wordlift object| wpr_dev object| q2w3_sidebar_options object| lazyLoadOptions function| ai_insert function| ai_insert_viewport function| b64e function| b64d function| cli_show_cookiebar function| l1hs object| ai_script object| DsqLocal function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar boolean| ds_loaded function| loadDisqus object| disqus_div_new boolean| divExists string| hash undefined| dcl_loaded function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery boolean| ai_dummy object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| html5 object| Modernizr object| Foundation function| enterView object| jQuery11240992009266115587 object| widget_obj boolean| q2w3Refresh object| addthis_share object| addthis_config function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amazon_assoc_ir_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 function| _extends function| _typeof function| LazyLoad function| pb function| beacon object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len function| atajsshctcbSOlMn function| atajsshctcbpZCfn object| GPT_jstiming object| google_reactive_ads_global_state undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| trackingUtils function| elemTracker object| amznAutoTagger

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.windowsreport.com/wp-content/cache/min/1/dfdf7f6d4193439e0813a17366c7a74a.js(Line 43)
Message:
amp-ad,#div-ad-block-1,#div-ad-block-2,#div-ad-block-3,#div-ad-block-4,#div-ad-block-5,#div-ad-block-6,#div-ad-block-7,#div-ad-block-8,#div-ad-block-9,#div-ad-block-10,#div-ad-block-11,#div-ad-block-12,#div-ad-block-13,#div-ad-block-14,#div-ad-block-15,#div-ad-block-16,#div-ad-block-17,#div-ad-block-18,#div-ad-block-19,#div-ad-block-20,#div-ad-block-21,#div-ad-block-22,#div-ad-block-23,#div-ad-block-24,#div-ad-block-25,#div-ad-block-26,#div-ad-block-27,#div-ad-block-28,#div-ad-block-29,#div-ad-block-30,#div-ad-block-31,#div-ad-block-32,#div-ad-block-33,#div-ad-block-34,#div-ad-block-35,#div-ad-block-36,#div-ad-block-37,#div-ad-block-38,#div-ad-block-39,#div-ad-block-40,#div-ad-block-41,#div-ad-block-42,#div-ad-block-43,#div-ad-block-44,#div-ad-block-45,#div-ad-block-46,#div-ad-block-47,#div-ad-block-48,#div-ad-block-49,#div-ad-block-50,#div-ad-block-51,#div-ad-block-52,#div-ad-block-53,#div-ad-block-54,#div-ad-block-55,#div-ad-block-56,#div-ad-block-57,#div-ad-block-58,#div-ad-block-59,#div-ad-block-60,#div-ad-block-61,#div-ad-block-62,#div-ad-block-63,#div-ad-block-64
console-api info URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549)
Message:
Powered by AMP ⚡ HTML – Version 1812051624460
console-api error URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549)
Message:
Powered by AMP ⚡ HTML – Version 1812051624460
console-api error URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549)
Message:
Powered by AMP ⚡ HTML – Version 1812051624460
console-api error URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
api-public.addthis.com
cdn.ampproject.org
cdn.staging.windowsreport.com
cdn.windowsreport.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
ir-na.amazon-adsystem.com
m.addthisedge.com
pagead2.googlesyndication.com
s7.addthis.com
securepubads.g.doubleclick.net
staging.windowsreport.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widgets.pinterest.com
windowsreport.com
www.google-analytics.com
www.google.com
www.google.de
www.linkedin.com
z-na.amazon-adsystem.com
143.204.99.120
148.251.186.217
151.101.0.84
151.101.192.84
172.217.18.98
199.115.114.66
2.18.232.15
2620:109:c002::6cae:a0a
2a00:1450:4001:806::2004
2a00:1450:4001:815::2002
2a00:1450:4001:81b::2014
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2001
2a00:1450:4001:821::2003
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c08::9b
2a03:2880:f02d:e:face:b00c:0:2
52.46.128.194
52.94.232.33
52.94.233.131
00a7dd60bc7fab7904f41946947c1d248e5dee22fa9d29ab282367f79b2de293
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06530131fa33701a5841c404996a8cbce7730113f4b91c071a15c69e2c922d7c
06dd7353ee23b5fe89ab19d1c01a0a8b8cacd3bdb755f7e2281acecc6ea37114
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
15be26526c1eebe750e1651e516e0c3a150d0c737004e86d2adea16b0183915c
191027755d9af9c1a1d4b9bc1383389888a9e10bd11081b3f7621a65925dfb5d
1a3bf4d7ead905d2d7bf460cee16f77817ecd3b391b90c627c565aecfbfd4b92
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
1c04a8931a29afef114cb7a70965a364383ad6c4152931fe80e8afb744bfb671
20fabfa803d080cde34001dc0371473d089cb619e20ea2e1d99c16832af9ed1f
2ed77b0c4df1a95818e4b8896dac3cb46117b02e391b59f45e0d05c774884dd7
312e71f4f53cd28a50eaa9cdfffc02a6056e7e888d5774163159be56f50920e3
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
360b1613f5f53960ba8480a0eca10c4ecb4904fcd2afe6c61f754282e5a8c889
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a369aadde81f32378e9a55c978c2cc385b521a57d6e52b2f0a1459485ad40d2
3c0c7e88fb621d08fb29031f27d1d80566c0811dde6ad3d493e97eb21f34b44d
3c459ed7d4f570bbe550d52d7410954041052617a3258d17796049f126502b8d
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b456e49e6c017d53be594d467c4508368dbe32ea0fd52a4b0718d5dc1862d51
4be00115fa3cdafc8cb80d817119f2b6b0b9e191d4084f2643d70e66cd47c08a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
57fb8ace898d66c58be20f4529f92726da6017021a7b7597be461986874fec09
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5d4bfda2066d6ca971ebb8364b5d27d3f3bcfd8311ec1103465aa8010109b954
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
6978ace6ad07aeec8b5f8fdaff14c33f0dfddf9120f655741295a3d038ce6cc0
6b5f136a4b15dd23118180ca54af5b9ecb20f19799b44a5ed86993d58d6303d2
70a903f22a4c30accb036af7399ba29cae74d185d08fbb2ddae6b2e4ca9f600c
7e3536b473a693c28310d049b997a52bb4b2a78dc79aaafc7ec86e93154dd3d1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8d9da0061165446289cbe0c502137799056d1af3f80c063e8d7b219d38ce3ed2
932e4adf60fc1acf90f5bdf50ea3a3b41e2b421e68432a3e139cdff882424520
993478951f95680f656b9ae25533a4e8ce165c207eee99be97e1fb9853f4255e
993f7a0991d663dce7c8701da73b2a4794fe8a21bf6c08a9a6db57c74852f4a2
9958778c9ef7b0a8c6ac06f5949a2f9e02b747139ae79dd573229e0edb828267
996420c6fbcdb1e9a21ecb91ddef2fb49c7a0a968e420cd2aa14424e84123288
9adb8d668a191b1b2434af82cf7c0ea59ff981993b4fcdbaf1ca1efd336c9aed
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
9bc80277fedc90e068ec9d2cf1f46e5c03f2d3e8ce8b1a7893829c997fc73d1b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27b256745aae3be0abc918f1aa1f4acb0d88b44ac78f2cafe322dcdcffbf68c
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
ab94419de96b9694fe05c2aa1811434ba094f94b292c0a0fa694c033bcd0776c
ae93c55b92ee1223051857d61953f0c8859b149f5169e53e262fdacf8682a4f8
afff4cc38ce2ada34c1fb3d1083c57e2890241fa43f2ca344d01e668731e8d7c
b2d821701db1212a6143bb0de1714bc0989a2639ce5c42062f9ec755784680f1
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
be5d411b5193346b9e9b033e7f8dba791d8150c114758e75aac7ab1f6523301b
c0d9118bc9fe475ca6cf7f36715a68424a8cdfa2af81cf6c9f363f093d65a899
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c806b7a69f02bb497a042ec3c59cb4638a7931e5b24e50e5132147043da3e87f
cc0301fabb63c6851a9b3f4ae93ab08a784c9c47d9fd3f6f33640a40e3c62f7c
d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a0e6e3635607f4de54907128f5022334fedab601dbdf3cb022bb522787e99
e70e54ab00480bb92bd007a7509f120c78180d99de5dc452b3841597945689e9
ee8352cf2610fd6c436cefe16b8ed07bd4a7c8da888465ed0c6b2f2058efefa8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f584b85d50c501bae1837082a43eadac741057468421991f824b424c70b90665
f935331ff81984f9961a2068163dcf109ce4578d14877cb21cda3771773686b4
f975012d57c9c0ae0b4a4a66effc81f4f466edeee78ba580131dd2a984235a5e
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11