urlscan.io logo urlscan.io
SecurityTrails logo

www.upstreamsystems.com Open in urlscan Pro
52.212.219.53  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Submission: On October 28 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 12 domains to perform 61 HTTP transactions. The main IP is 52.212.219.53, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.upstreamsystems.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 24th 2019. Valid for: 2 years.
This is the only time www.upstreamsystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 46 52.212.219.53 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.12.157 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:11:... 14413 (LINKEDIN)
1 104.244.42.197 13414 (TWITTER)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 104.244.42.131 13414 (TWITTER)
61 12
46    52.212.219.53 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
www.upstreamsystems.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a02:26f0:6c00:293::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
sjs.bizographics.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
px.ads.linkedin.com
1    2a05:f500:11:101::b93f:9001 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
Domain Requested by
46 www.upstreamsystems.com 1 redirects www.upstreamsystems.com
3 www.google-analytics.com www.googletagmanager.com
www.upstreamsystems.com
2 www.facebook.com www.upstreamsystems.com
2 px.ads.linkedin.com 1 redirects www.upstreamsystems.com
2 stats.g.doubleclick.net www.upstreamsystems.com
2 connect.facebook.net www.upstreamsystems.com
connect.facebook.net
1 analytics.twitter.com static.ads-twitter.com
1 t.co www.upstreamsystems.com
1 www.linkedin.com 1 redirects
1 static.ads-twitter.com www.googletagmanager.com
1 sjs.bizographics.com www.googletagmanager.com
1 www.googletagmanager.com www.upstreamsystems.com
1 netdna.bootstrapcdn.com www.upstreamsystems.com
61 13

This site contains links to these domains. Also see Links.

Domain
www.secure-d.io
index.secure-d.io
www.linkedin.com
www.facebook.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
*.upstreamsystems.com
DigiCert SHA2 Secure Server CA		 2019-05-24 -
2021-05-28		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2018-04-13 -
2020-04-17		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Frame ID: AA2E9E226D6BD362812361F67D659DF9
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud HTTP 301
    https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

61
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

12
IPs

6
Countries

1596 kB
Transfer

1972 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud HTTP 301
    https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D417626%26url%3Dhttps%253A%252F%252Fwww.upstreamsystems.com%252Freturning-rogue-weather-app-continues-mobile-ad-fraud%252F%26time%3D1572295612951%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951&liSync=true

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Redirect Chain
  • https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud
  • https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cfd93c21f7a79a291e17ae0351dd1d4a4bb5acaa6a1f71da53e8088ebe63d8fc

Request headers

Host
www.upstreamsystems.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Oct 2019 20:46:50 GMT
Link
<https://www.upstreamsystems.com/wp-json/>; rel="https://api.w.org/" <https://www.upstreamsystems.com/?p=4127>; rel=shortlink
Server
Apache
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Oct 2019 20:46:49 GMT
Location
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Server
Apache
Content-Length
0
Connection
keep-alive
foundation.css
www.upstreamsystems.com/wp-content/themes/upstream/css/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/css/foundation.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
798cd40f817461594df9d33cb10283eba0d48743168405c6d18738600cf36426

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e099c-30c5-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12485
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:51 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
4292
settings.css
www.upstreamsystems.com/wp-content/themes/upstream/css/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/css/settings.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c26da0fbac2e11afd246aae906b63e82f5b115b3ab35888eaac65361581552a7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e099a-8888-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34952
style.css
www.upstreamsystems.com/wp-content/themes/upstream/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/style.css?ver=2.1.0
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
aadd8d40946805c01a7364cd8ffbe8326ce0ca1747f9f53f9d5efd6952dfe8a7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Wed, 04 Jul 2018 11:59:43 GMT
Server
Apache
ETag
"1e0010-13abb-5702b2a87c9c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80571
owl.carousel.min.css
www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/owl.carousel.min.css?ver=1.3.3
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e2278593554d4a530542ce1af5727d6e50130a21fb38d15850b6f67090936ea5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"200297-45e-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1118
owl.theme.min.css
www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/owl.theme.min.css?ver=1.3.3
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b4413b76b47c14296ee4560269b45f22502f57542ac111d27dba693c7beca634

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"200298-46d-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1133
style.min.css
www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/css/style.min.css?ver=1.0.4
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4a54a50c1e9109d8ae67c2649885b98d294a7c96efa44b8bd2007e3b70c53ef1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"200299-9ef-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2543
sdm_wp_styles.css
www.upstreamsystems.com/wp-content/plugins/simple-download-monitor/css/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/simple-download-monitor/css/sdm_wp_styles.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
962f3514c25ab850354df1446c6e76bd45df130d0c53a8fab38357a5a38b750c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Tue, 30 May 2017 06:49:27 GMT
Server
Apache
ETag
"200479-3579-550b834682bc0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13689
mediaqueries.css
www.upstreamsystems.com/wp-content/themes/upstream/css/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/css/mediaqueries.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ce2d9410d66fbc7afa4685024a9ac9721357fb127e513a446ed2313f004c5187

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Wed, 04 Jul 2018 14:42:21 GMT
Server
Apache
ETag
"1e099b-2f4c-5702d70270d40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12108
style.min.css
www.upstreamsystems.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.13.1
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
6a8e262abdf8959a372433c41aec9ac57f848dc1c6ed1d0bd4852fee3d32695f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0eae-2370-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9072
Defaults.css
www.upstreamsystems.com/wp-content/uploads/smile_fonts/Defaults/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e08c4-6bf7-5417fc8cbba40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27639
/
www.upstreamsystems.com/ 		41 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/?sccss=1&ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7b31e694a4f197bb901a44a2a6727b45d7eef7fe1d1fa3c2234575563a5e2e94

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Server
Apache
Connection
keep-alive
Content-Length
41
Content-Type
text/css
jquery.js
www.upstreamsystems.com/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:51 GMT
Last-Modified
Thu, 05 Sep 2019 04:24:23 GMT
Server
Apache
ETag
"1a019f-17a6a-591c6b240ea46"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96874
jquery-migrate.min.js
www.upstreamsystems.com/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a01a6-2748-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10056
sdm_wp_scripts.js
www.upstreamsystems.com/wp-content/plugins/simple-download-monitor/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/simple-download-monitor/js/sdm_wp_scripts.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d4aa2407a4de5818730beef1d2167d90631c8a31139c61f4909e27597e9ecb07

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Tue, 30 May 2017 06:49:27 GMT
Server
Apache
ETag
"20046b-5c0-550b834682bc0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1472
modernizr-2.6.2.js
www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/modernizr-2.6.2.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
044d12b8bafd404c60fc17d525f6f89fc2acfa278dae63c686731dab15592578

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e09e3-2448-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9288
logo_textual_new.png
www.upstreamsystems.com/wp-content/uploads/2016/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upstreamsystems.com/wp-content/uploads/2016/02/logo_textual_new.png
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3086e0cf9a1559961dce815f1476c31f0aa5eaccc09725645f9eb8d4afb98600

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e04be-1007-5417fc8cbba40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4103
logo.png
www.upstreamsystems.com/wp-content/uploads/2013/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upstreamsystems.com/wp-content/uploads/2013/06/logo.png
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3086e0cf9a1559961dce815f1476c31f0aa5eaccc09725645f9eb8d4afb98600

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e066f-1007-5417fc8cbba40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4103
Weather-TCL-Activity-v1.png
www.upstreamsystems.com/wp-content/uploads/2019/09/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upstreamsystems.com/wp-content/uploads/2019/09/Weather-TCL-Activity-v1.png
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ac697bb1b64610f093d527c879ce2b782a62277fa328c9373c8c288aa7c3d1b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Mon, 23 Sep 2019 09:26:31 GMT
Server
Apache
ETag
"20118b-18f82-5933503ea67ef"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102274
owl.carousel.min.js
www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/plugins/showcase-visual-composer-addon/assets/js/owl.carousel.min.js?ver=1.3.3
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"200295-5d52-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23890
comment-reply.min.js
www.upstreamsystems.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/comment-reply.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a00ad-436-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1078
jquery.hoverIntent.r7.min.js
www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/jquery.hoverIntent.r7.min.js?ver=r7
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7f684467e10dd39656c5e46ff48cc6a8cc248089a3ac26583f48f629975e48ed

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e09ce-56e-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1390
superfish-1.7.2.js
www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/panel/scripts/superfish-1.7.2.js?ver=1.7.2
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b84377d61e288165217a124bcd59924c19924389ddef00bec655fed5e87f6996

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e09fb-1a48-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6728
jRespond.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jRespond.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
651fcce847d0d1628af702c528ee97bd09ddcf45566d69c26b4a0a257d0cd530

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0966-59b-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1435
jquery.jpanelmenu.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.jpanelmenu.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
424b8d1a69e5a6f7315d125f7733baf9298f08ada3b460d6a992bf850560f81b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0963-28b4-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10420
jquery.themepunch.plugins.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.themepunch.plugins.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
101e4281bb8dd5a0ae29fe6369318c032bc27cd2c5366a339d003663ecf1a596

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e095e-7ff4-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32756
jquery.themepunch.revolution.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		80 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.themepunch.revolution.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a736d964299c82f23d3914debaa00c821b18b80217158adbc8e34974f18126bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e096b-1415a-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82266
jquery.scrolltofixed-min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.scrolltofixed-min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ecef7cbb8d410b03fff6198d1916ae822091acee0aa457e45e437528bb133f47

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0960-14d7-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5335
jquery.pagescroller.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.pagescroller.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
50ff8df40d74b4c9f526d46aa69414b34a8a2166140dfd31be691709cd52ae46

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e095c-2d4b-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11595
jquery.fitvids.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.fitvids.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e0ec5aad534ba75347c59e33ddcf0bfc20a66572e2aa595b079343875cc5a109

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0968-748-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1864
jquery.mousewheel.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/jquery.mousewheel.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
db304bdc4ca554cb1618e281739ae11e3911c05b461ea521eaeb102d7c2f93a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0962-961-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2401
ilightbox.packed.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/ilightbox.packed.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9b175c7a46e589efc0715b0e629f1ada753c34a98aae2a7cb29578040f7b57c1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e096c-bef0-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48880
report-form.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/report-form.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9984944866e45a149b9b2707c5ed50c4c0a3162d039ce8c8ce919f097205c186

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0961-682-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1666
countUp.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/countUp.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4f566e8da674b93194440b9f9bd1858c5ff5171025ea944f858c1537b5f04a90

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e095b-1be3-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7139
countUp-jquery.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		933 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/countUp-jquery.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ae35d463fd5dd978750d4246eaa7586765b147b5360df447ba060541dd646066

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e095f-3a5-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
933
imagesloaded.min.js
www.upstreamsystems.com/wp-includes/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a02b3-1f3a-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7994
masonry.min.js
www.upstreamsystems.com/wp-includes/js/ 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a00d3-711a-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28954
select2.full.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		73 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/select2.full.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
149b8bc61889897fb9420b347362582c8c89e62d28e1c720e8343ace08ad0986

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0967-124fd-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75005
velocity.min.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/velocity.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bff4c22600242a8fd53a7884a2f0b63ef81c8f6a80ea1839732e384423426116

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e096d-8ef5-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36597
scripts.js
www.upstreamsystems.com/wp-content/themes/upstream/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/js/scripts.js?ver=1.0
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
6f445755039eb5215abba3d63268bff288bbd517297757895dc70d24ae7e79e2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0969-10b3-5417fc8cbba40"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4275
wp-embed.min.js
www.upstreamsystems.com/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/wp-embed.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a02b2-576-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1398
wp-emoji-release.min.js
www.upstreamsystems.com/wp-includes/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.15
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Tue, 30 May 2017 06:47:03 GMT
Server
Apache
ETag
"1a00ec-2c96-550b82bd2e7c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11414
gtm.js
www.googletagmanager.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNM6SP
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f01f2277d2cbe9f060243c8f743d4e2f41a7d928a67e0015f65b221f1e559d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:52 GMT
content-encoding
br
last-modified
Mon, 28 Oct 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24562
x-xss-protection
0
expires
Mon, 28 Oct 2019 20:46:52 GMT
sprites.png
www.upstreamsystems.com/wp-content/themes/upstream/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/images/sprites.png
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
784b8fc242216677c408fe505e1a4b98d5ea44184816c95c2f6928ea885d3402

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/wp-content/themes/upstream/style.css?ver=2.1.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:54 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0183-2177-5417fc8cbba40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8567
news-version-2.jpg
www.upstreamsystems.com/wp-content/uploads/2014/12/ 		589 KB
589 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upstreamsystems.com/wp-content/uploads/2014/12/news-version-2.jpg
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a96dada81a5d6747c5ec50b609aa12b7e50007fbc3ec2f749c685aaa451d3965

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e03ea-934ea-5417fc8cbba40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
603370
BebasNeue-webfont.woff
www.upstreamsystems.com/wp-content/themes/upstream/font/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.upstreamsystems.com/wp-content/themes/upstream/font/BebasNeue-webfont.woff
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.219.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-219-53.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
dd360ae94b4d7230efb497196eb6b948f8afeb2e41ec8ff6113309ee971c3721

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.upstreamsystems.com/wp-content/themes/upstream/style.css?ver=2.1.0
Origin
https://www.upstreamsystems.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:53 GMT
Last-Modified
Thu, 17 Nov 2016 14:12:49 GMT
Server
Apache
ETag
"1e0a60-2d70-5417fc8cbba40"
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11632
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNM6SP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3163
date
Mon, 28 Oct 2019 19:54:09 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 28 Oct 2019 21:54:09 GMT
insight.min.js
sjs.bizographics.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNM6SP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Mon, 28 Oct 2019 20:46:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=45985
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNM6SP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:52 GMT
content-encoding
gzip
age
45203
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19120-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1572295613.926248,VS0,VE10
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
22456
x-xss-protection
0
pragma
public
x-fb-debug
k86zA5bOas+AjYTl5hDxzWUla0drTFV0Nz5H/nAij1PVlG+/3P4+BB4wF4MtAtXUVWZ8NqGjnHkGwcvxlf73Jg==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 28 Oct 2019 20:46:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=13935257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&ul=en-us&de=UTF-8&dt=Returning%20rogue%20weather%20app%20continues%20mobile%20ad%20fraud%20-%20Upstream&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgAAB~&jid=964393034&gjid=1306388712&cid=1584967590.1572295613&tid=UA-6697596-1&_gid=305655660.1572295613&gtm=2wgaa0KNM6SP&z=837687534
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 07:13:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1517622
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-6697596-1&cid=1584967590.1572295613&jid=964393034&gjid=1306388712&_gid=305655660.1572295613&_u=YGBAgAAB~&z=1073120918
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Oct 2019 20:46:52 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1536816583283664
connect.facebook.net/signals/config/ 		280 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1536816583283664?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aeaf9c598fa942bdad253930015c18f868eec9dbfedb64d27c5fb3f1253f24d2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
kS9/XkZyQ5nrfMkhhqx7ghMAd1vXHQ0MTCtUup/3uK+GxFs/eIvUXUZnRIee8QjOudaG6c/rk3Su6Iv5gszDJw==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 28 Oct 2019 20:46:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D417626%26url%3Dhttps%253A%252F%252Fwww.upstreamsystems.com%252Freturning-rogue-we...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951&liSync=true
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951&liSync=true
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:53 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
20
x-li-uuid
/t6coofq0RXQ+GfmryoAAA==

Redirect headers

date
Mon, 28 Oct 2019 20:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
vary
Accept-Encoding
content-length
20
x-li-uuid
vLvynIfq0RWwNXDEhCsAAA==
server
Play
pragma
no-cache
x-li-pop
prod-tln1
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=417626&url=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&time=1572295612951&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nzt95&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Mon, 28 Oct 2019 20:46:53 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
776e68afac33eb85b55856951f2742e9
x-transaction
00307fe100490979
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1536816583283664&ev=PageView&dl=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&rl=&if=false&ts=1572295613090&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1572295613089.347792318&it=1572295612947&coo=false&rqm=GET
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 28 Oct 2019 20:46:53 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1536816583283664&ev=Microdata&dl=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&rl=&if=false&ts=1572295613593&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Returning%20rogue%20weather%20app%20continues%20mobile%20ad%20fraud%20-%20Upstream%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Returning%20rogue%20weather%20app%20continues%20mobile%20ad%20fraud%20-%20Upstream%22%2C%22og%3Adescription%22%3A%2234%20million%20new%20suspicious%20transaction%20attempts%20in%20just%20six%20months%20by%20second%20time%20offender%20London%2C%20September%2023rd%2C%202019%C2%A0%C2%A0%E2%80%93%20A%20weather%20forecasting%20app%20from%20Chinese%20company%20TCL%20Communications%20has%20once%20again%20been%20caught%20making%20digital%20purchases%20of%20premium%20services%20without%20the%20knowledge%20of%20the%20phone%E2%80%99s%20owner.%C2%A0%20It%20is%20the%20second%20time%20the%20app%20has%20been%20exposed%20%E2%80%A6%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F%22%2C%22og%3Asite_name%22%3A%22Upstream%22%2C%22article%3Atag%22%3A%22weather%20malicious%20apps%22%2C%22article%3Asection%22%3A%22Press%20Releases%22%2C%22article%3Apublished_time%22%3A%222019-09-23T12%3A33%3A30%2B00%3A00%22%2C%22article%3Amodified_time%22%3A%222019-10-02T17%3A02%3A09%2B00%3A00%22%2C%22og%3Aupdated_time%22%3A%222019-10-02T17%3A02%3A09%2B00%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.upstreamsystems.com%2Fwp-content%2Fuploads%2F2019%2F09%2FWeather-TCL-Activity-v1.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbp=fb.1.1572295613089.347792318&it=1572295612947&coo=false&es=automatic&rqm=GET
Requested by
Host: www.upstreamsystems.com
URL: https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Mon, 28 Oct 2019 20:46:53 GMT
adsct
analytics.twitter.com/i/ 		31 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nzt95&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 20:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Mon, 28 Oct 2019 20:46:54 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
839cc40ec32ca5c2ea2936366494feea
x-transaction
007793a400c946be
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=13935257&t=timing&_s=2&dl=https%3A%2F%2Fwww.upstreamsystems.com%2Freturning-rogue-weather-app-continues-mobile-ad-fraud%2F&ul=en-us&de=UTF-8&dt=Returning%20rogue%20weather%20app%20continues%20mobile%20ad%20fraud%20-%20Upstream&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=5262&pdt=13&dns=0&rrt=871&srt=769&tcp=0&dit=5106&clt=5106&_gst=3245&_gbt=3257&_cst=3191&_cbt=3241&_u=YGBAgAAB~&jid=1521973981&gjid=1672095223&cid=1584967590.1572295613&tid=UA-6697596-1&_gid=305655660.1572295613&gtm=2wgaa0KNM6SP&z=304973101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 07:13:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1517624
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-6697596-1&cid=1584967590.1572295613&jid=1521973981&gjid=1672095223&_gid=305655660.1572295613&_u=YGBAgAAB~&z=567364913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.upstreamsystems.com/returning-rogue-weather-app-continues-mobile-ad-fraud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Oct 2019 20:46:54 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| sdm_ajax_script object| html5 object| Modernizr function| yepnope object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| twq function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr function| lintrk boolean| _already_called_lintrk object| addComment function| jRespond function| revslider_showDoubleJqueryError object| pageScroller function| a string| c number| d object| e function| f object| g function| CountUp function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| ThemeOption function| equalizeHeights object| jQuery11240618124641935816 object| wp object| twemoji

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.upstreamsystems.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
connect.facebook.net
netdna.bootstrapcdn.com
px.ads.linkedin.com
sjs.bizographics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.upstreamsystems.com
104.244.42.131
104.244.42.197
151.101.12.157
2001:4de0:ac19::1:b:2a
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:400c:c00::9a
2a02:26f0:6c00:293::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
52.212.219.53
044d12b8bafd404c60fc17d525f6f89fc2acfa278dae63c686731dab15592578
101e4281bb8dd5a0ae29fe6369318c032bc27cd2c5366a339d003663ecf1a596
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
149b8bc61889897fb9420b347362582c8c89e62d28e1c720e8343ace08ad0986
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3086e0cf9a1559961dce815f1476c31f0aa5eaccc09725645f9eb8d4afb98600
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
424b8d1a69e5a6f7315d125f7733baf9298f08ada3b460d6a992bf850560f81b
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a54a50c1e9109d8ae67c2649885b98d294a7c96efa44b8bd2007e3b70c53ef1
4f566e8da674b93194440b9f9bd1858c5ff5171025ea944f858c1537b5f04a90
50ff8df40d74b4c9f526d46aa69414b34a8a2166140dfd31be691709cd52ae46
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
651fcce847d0d1628af702c528ee97bd09ddcf45566d69c26b4a0a257d0cd530
6a8e262abdf8959a372433c41aec9ac57f848dc1c6ed1d0bd4852fee3d32695f
6f445755039eb5215abba3d63268bff288bbd517297757895dc70d24ae7e79e2
784b8fc242216677c408fe505e1a4b98d5ea44184816c95c2f6928ea885d3402
798cd40f817461594df9d33cb10283eba0d48743168405c6d18738600cf36426
7b31e694a4f197bb901a44a2a6727b45d7eef7fe1d1fa3c2234575563a5e2e94
7f01f2277d2cbe9f060243c8f743d4e2f41a7d928a67e0015f65b221f1e559d7
7f684467e10dd39656c5e46ff48cc6a8cc248089a3ac26583f48f629975e48ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840
962f3514c25ab850354df1446c6e76bd45df130d0c53a8fab38357a5a38b750c
9984944866e45a149b9b2707c5ed50c4c0a3162d039ce8c8ce919f097205c186
9b175c7a46e589efc0715b0e629f1ada753c34a98aae2a7cb29578040f7b57c1
a736d964299c82f23d3914debaa00c821b18b80217158adbc8e34974f18126bb
a96dada81a5d6747c5ec50b609aa12b7e50007fbc3ec2f749c685aaa451d3965
aadd8d40946805c01a7364cd8ffbe8326ce0ca1747f9f53f9d5efd6952dfe8a7
ac697bb1b64610f093d527c879ce2b782a62277fa328c9373c8c288aa7c3d1b3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae35d463fd5dd978750d4246eaa7586765b147b5360df447ba060541dd646066
aeaf9c598fa942bdad253930015c18f868eec9dbfedb64d27c5fb3f1253f24d2
b02eb6a63bca577aa26a3d54c450cd179dab7b63e08cb8830411bca8f853c002
b4413b76b47c14296ee4560269b45f22502f57542ac111d27dba693c7beca634
b84377d61e288165217a124bcd59924c19924389ddef00bec655fed5e87f6996
bff4c22600242a8fd53a7884a2f0b63ef81c8f6a80ea1839732e384423426116
c26da0fbac2e11afd246aae906b63e82f5b115b3ab35888eaac65361581552a7
ce2d9410d66fbc7afa4685024a9ac9721357fb127e513a446ed2313f004c5187
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cfd93c21f7a79a291e17ae0351dd1d4a4bb5acaa6a1f71da53e8088ebe63d8fc
d4aa2407a4de5818730beef1d2167d90631c8a31139c61f4909e27597e9ecb07
db304bdc4ca554cb1618e281739ae11e3911c05b461ea521eaeb102d7c2f93a6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd360ae94b4d7230efb497196eb6b948f8afeb2e41ec8ff6113309ee971c3721
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e0ec5aad534ba75347c59e33ddcf0bfc20a66572e2aa595b079343875cc5a109
e2278593554d4a530542ce1af5727d6e50130a21fb38d15850b6f67090936ea5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecef7cbb8d410b03fff6198d1916ae822091acee0aa457e45e437528bb133f47