www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Submission: On February 04 via api (February 4th 2021, 3:47:01 pm UTC) from US

Summary HTTP 277 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 31 domains to perform 277 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.221.156.227 3.221.156.227	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.1.188 151.101.1.188	54113 (FASTLY) (FASTLY)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
16	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
2	65.9.58.19 65.9.58.19	16509 (AMAZON-02) (AMAZON-02)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
47	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	34.224.144.97 34.224.144.97	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY)
1	52.212.194.196 52.212.194.196	16509 (AMAZON-02) (AMAZON-02)
2	52.215.254.97 52.215.254.97	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	18.194.108.62 18.194.108.62	16509 (AMAZON-02) (AMAZON-02)
6	2.16.107.33 2.16.107.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1c:... 2a04:4e42:1c::444	54113 (FASTLY) (FASTLY)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
23	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.93.117 143.204.93.117	16509 (AMAZON-02) (AMAZON-02)
24	52.205.20.149 52.205.20.149	14618 (AMAZON-AES) (AMAZON-AES)
277	39

21 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmg1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY, US)

zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.156.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-156-227.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a3::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

364bf52c.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
685b391d.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.224.144.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-144-97.compute-1.amazonaws.com

make.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.194.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-194-196.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.254.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-254-97.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.108.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-108-62.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.107.33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-33.deploy.static.akamaitechnologies.com

clipcentric-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1c::444 (Ascension Island)

ASN54113 (FASTLY, US)

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Cologne, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.108.145.172 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-117.fra50.r.cloudfront.net

ad.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.205.20.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-20-149.compute-1.amazonaws.com

tr.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	520 KB
39	googlesyndication.com b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com	242 KB
25	clipcentric.com ad.clipcentric.com tr.clipcentric.com	3 KB
24	cbsistatic.com zdnet4.cbsistatic.com zdnet2.cbsistatic.com cmg1.cbsistatic.com zdnet3.cbsistatic.com zdnet1.cbsistatic.com	606 KB
23	moatpixel.com cbsdfp5832910442.s.moatpixel.com	9 KB
20	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	267 KB
15	ampproject.org cdn.ampproject.org	291 KB
12	cohesionapps.com cdn.cohesionapps.com make.cohesionapps.com	17 KB
8	google.com 3 redirects adservice.google.com www.google.com	1 KB
7	googletagservices.com www.googletagservices.com	206 KB
6	akamaihd.net clipcentric-a.akamaihd.net	1 MB
6	twitter.com platform.twitter.com	31 KB
6	cookielaw.org cdn.cookielaw.org	107 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	cbsi.com at.cbsi.com rev.cbsi.com	9 KB
4	zdnet.com www.zdnet.com urs.zdnet.com	195 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	116 KB
3	myfinance.com static.myfinance.com www.myfinance.com	58 KB
3	go-mpulse.net c.go-mpulse.net	52 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	akstat.io 364bf52c.akstat.io 685b391d.akstat.io	555 B
2	myfidevs.io a.myfidevs.io	162 B
1	google.de adservice.google.de	803 B
1	exactag.com m.exactag.com	1 KB
1	summerhamster.com www.summerhamster.com	182 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	google.ch adservice.google.ch	803 B
1	onetrust.com geolocation.onetrust.com	522 B
1	spotify.com open.spotify.com
277	31

	Domain	Requested by
42	px.moatads.com	www.zdnet.com
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.zdnet.com confiant-integrations.global.ssl.fastly.net cdn.ampproject.org tpc.googlesyndication.com
24	tr.clipcentric.com	www.zdnet.com
23	cbsdfp5832910442.s.moatpixel.com
16	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net www.zdnet.com www.googletagservices.com
15	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
10	make.cohesionapps.com	cdn.cohesionapps.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com
7	www.googletagservices.com	www.zdnet.com securepubads.g.doubleclick.net rev.cbsi.com
7	zdnet3.cbsistatic.com	www.zdnet.com zdnet4.cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
6	www.google.com	3 redirects www.zdnet.com
6	clipcentric-a.akamaihd.net	www.zdnet.com clipcentric-a.akamaihd.net
6	platform.twitter.com	cdn.cookielaw.org platform.twitter.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
6	zdnet2.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com
6	zdnet4.cbsistatic.com	www.zdnet.com zdnet4.cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
5	z.moatads.com	zdnet3.cbsistatic.com www.zdnet.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	confiant-integrations.global.ssl.fastly.net
4	zdnet1.cbsistatic.com	www.zdnet.com zdnet4.cbsistatic.com zdnet2.cbsistatic.com
3	googleads.g.doubleclick.net
3	b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
3	www.zdnet.com	zdnet3.cbsistatic.com
2	rev.cbsi.com	www.zdnet.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	geo.moatads.com	z.moatads.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	cdn.cohesionapps.com	www.zdnet.com cdn.cohesionapps.com
2	at.cbsi.com	zdnet3.cbsistatic.com
2	a.myfidevs.io	static.myfinance.com
2	static.myfinance.com	www.zdnet.com
1	685b391d.akstat.io	c.go-mpulse.net
1	a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ad.clipcentric.com	clipcentric-a.akamaihd.net
1	m.exactag.com	www.zdnet.com
1	www.summerhamster.com
1	js-agent.newrelic.com	www.zdnet.com
1	mb.moatads.com	z.moatads.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	adservice.google.ch	securepubads.g.doubleclick.net
1	364bf52c.akstat.io	zdnet1.cbsistatic.com
1	ad.doubleclick.net	www.zdnet.com
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	www.myfinance.com	static.myfinance.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	open.spotify.com	www.zdnet.com
1	cmg1.cbsistatic.com	www.zdnet.com
277	50

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
chromereleases.googleblog.com
www.microsoft.com
www.youtube.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
narratives.zdnet.com
privacyportal.onetrust.com
cbsi.secure.force.com
academy.zdnet.com
onetrust.com

Subject Issuer	Validity	Valid
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-22` - `2022-01-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.spotify.com DigiCert SHA2 Secure Server CA	`2020-06-23` - `2021-09-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.myfidevs.io Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
cdn.cohesionapps.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
make.cohesionapps.com Amazon	`2021-01-24` - `2022-02-21`	a year	crt.sh
*.google.ch GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
vidtech.cbsinteractive.com Sectigo RSA Organization Validation Secure Server CA	`2020-11-17` - `2021-11-17`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.summerhamster.com R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
aka.clipcentric.com R3	`2020-12-05` - `2021-03-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
rev.cbsi.com DigiCert SHA2 High Assurance Server CA	`2020-04-22` - `2022-04-27`	2 years	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
clipcentric.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Frame ID: 8C02986E5DE093D5EDCD6C016767116E
Requests: 147 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: C855D704283B8E13E57DAFF12900444E
Requests: 2 HTTP requests in this frame

Frame: https://open.spotify.com/embed-podcast/episode/67MN69BePw5NMiBI3HIfLf
Frame ID: E67CDA40A6FB3B366577BFEE6771AFFB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.zdnet.com
Frame ID: 1F44AA4DA0023E813CB846194C5F74DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs1.html
Frame ID: A55F3349DD4C4B34FA20ED68D7FEA76B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1356955218169241607&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: EE054CEF34B10F717B801FAB511F897D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1356964509727002624&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: 6E58BA891EA5431CA32EB4F132C09A99
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1356940218138509312&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: CC840E028F50BDD4EDEB6A92A1668E11
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst25bDBVV7MZ0oPwOHiYw-cuGleTfo3FRX1B3VXMOW0_ZYZVnhBGPykGIZn_nP3FOHeAVTkFQD8s9iNywO1MtFmLuFnkfrZOCcxGIuSRWnDWWgtr1Blo_StirwztHNYFL2vdaokU_rI9AoFhASOm-aFwgzP1zEc-mGaZF1zCzKRW99cW1ZgDUutQdCSqj_ZcrSR5TNFdlwrT9cWR3mAxTNGgLELT8ywcA7CtdhSSqxJ46l0a6TadTrMk6tbUC-HCEgrB3fD_CW3eDvnI_b0vaKAnWpe7im3oDpKDG7lDY-aPMKdKemAhBKFFKuqLRZm&sig=Cg0ArKJSzBn8cNMJF6RJEAE&urlfix=1&adurl=
Frame ID: 435BD8A6E99CA227EBD6EA2D83DDFA9C
Requests: 37 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: D6DB33C67F985014E7C6AFB5E48A39DE
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: 8FAEC3479B652EA8DE6D6A0B688E10A9
Requests: 16 HTTP requests in this frame

Frame: https://b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2E4FF3C49024C316CA6B6CC0D37EA0F8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKowzkFEDlhlqWBwXNQHZJWiN_wMQy4z3JCuI60Q8JEF-7g-UHBjccaIq0Bluf2jTj1yxGCyQ8zGLSkW8Patidx7WT_LofKOPRDt4bRU9hmy4qp04wRkL8cGZIfHgtjIg4VsYEYkqxDVLGhtTCkKwcnvIe9pWXBNzq2WRHhndUxScqYXkMcFrNF-jB_mWEVXqyWcfhwizu2mvTxMpmdrbphPrVu6xOgGj0zQtf3HUO5lHBFA1JAnjDIvuszPhgXmYOKogMquh4Zuf4ACzv7_DjpAxQFeRZlPgb3BA8fcYVfw&sig=Cg0ArKJSzN3t2ew3ZuirEAE&urlfix=1&adurl=
Frame ID: DD70CAB9FA534A900F009A93427636D7
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: 823717B34D79DD4CD40B15B3C1000003
Requests: 22 HTTP requests in this frame

Frame: https://b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: DDC5DED1143693D9CC38278AE4D0BFA1
Requests: 1 HTTP requests in this frame

Frame: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Frame ID: 6317491C55CC376A448AD4FC32CD01B5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8268F346E99FE71B1586D08E34A8DE4E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3C7D97FDB99BA5ED8B39A04F837C5885
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDgqCmqnYUlWNGEQ7EjrXqCyRHoHqIj5sAGhoKKIpNXpT6VqCr0EeneS2Zd2c6gAqWxUAecJOJjPpWvpsw3qf6ZjdhQlfAJw0PyR6tERhi3DGwIEfoYr8v0dlwbuM_sZUQ41d_TUdbZ84b4W45cmb8YubhGMEr0qpB0XEkWrO6gS6dG_x0K1O4eo1BpJeO5xVMK_MvA2AnI0xNPDM35ybksMZ1h5okBb99CBJO2spvXolZ42mfMrHLaP19vFqFxy4MTRWc4JvBZCtlNhC3OxwRaU8bpRSheBb3FtoVZEbx1Q&sig=Cg0ArKJSzAttEDWIVMMWEAE&urlfix=1&adurl=
Frame ID: CD0A3DE1355A914937BBE37A32F0A98C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup9pTztM0AAwhz5T-EoG2CXHFaYU-UaGaf81upwSgMInk3t7gJDn_94lKl-J7Z_id_NQAE6nDQVtC6uHPwIIxXIqw5fZeYvzAmb1y6CXaq1Uap8JjV9pGEBzZ0abpGjhYT1ZA30R6KPxypXB-igDs4rjFNa8da7YZTUWLk0rzBCo-gwW2THBRE-15FQEnMduW5oVyORDG4B-NNpkZrQcrP7g0wZlZp1kBf3Y245FvSK7yY2AG9lMu9drm5uAi6zI05dBp-doJ3iXdzg70t8x02RiKGzxpE7RVD_heSsN3vww&sig=Cg0ArKJSzC3vPBFuaLCsEAE&urlfix=1&adurl=
Frame ID: 33A1297C64F43478B78581F9ED63F112
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 081FEE152204FBA00376A658DF2177A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

277
Requests

100 %
HTTPS

50 %
IPv6

31
Domains

50
Subdomains

39
IPs

5
Countries

4450 kB
Transfer

10606 kB
Size

24
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
Title: Google Chrome 88.0.4324.146

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:PHP/Funvalget.A&ThreatID=2147761529
Title: PHP/Funvalget.A

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=WNcbycvyLws
Title: How ransomware could get even more disruptive in 2021 (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/homebrew-how-to-install-post-exploitation-tools-on-macos/?ftag=CMG-01-10aaa1b
Title: Homebrew: How to install post-exploitation tools on macOS (TechRepublic)

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

277 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/ 502 KB
143 KB 131ms
116ms Document
text/html 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f994c73e277a27cd234c2e1f00fd992f1626a276c0779671edd5657c1b30adf7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Thu, 04 Feb 2021 15:42:18 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: f2185c4c-1048-473f-a4a0-f67fadfd63c7
x-xss-protection: 1; mode=block
date: Thu, 04 Feb 2021 15:46:37 GMT
cache-control: max-age=5400, private
expires: Thu, 04 Feb 2021 17:12:18 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 145565

GET
H2 200 main-ec150deb74-rev.css
zdnet4.cbsistatic.com/fly/css/core/ 352 KB
59 KB 32ms
8ms Stylesheet
text/css 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5baed5248c9dec0518095be43727171579492c181b3ef3c75a707884cef037b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18296
vary: Accept-Encoding, Accept
content-length: 59534
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 10:40:35 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d826bb449ee3f8af0ae7ebfddc35975c"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Feb 2021 10:41:40 GMT

GET
H2 200 controls-ed933e60c5-rev.css
zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/ 19 KB
4 KB 23ms
7ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-ed933e60c5-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

088a2bd1eceaf52ee1148e164370cbf7adabb0fd9fbbf6d7400ae6024b5de52e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18297
vary: Accept-Encoding, Accept
content-length: 3957
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 10:40:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "46794529add7329a7914dafe07f65ef7"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Feb 2021 10:41:40 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 29ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XGEj0K3rTilYfgfnFZGB2g==
age: 2180
vary: Accept-Encoding
content-length: 4211
cf-request-id: 080f526985000097aec1182000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:57 GMT
server: cloudflare
etag: 0x8D8C35FA1761C2B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 89c4d4e9-301e-0099-5a55-f55724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c58688dbdd97ae-FRA

GET
H2 200 optanon-v1.1.0.js Show response
cmg1.cbsistatic.com/privacy/optanon/ 36 KB
36 KB 7ms
6ms Script
text/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cmg1.cbsistatic.com/privacy/optanon/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Nov 2020 17:51:25 GMT
server: ContentServer
age: 7854317
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=604800
x-content-type-options: nosniff
strict-transport-security: max-age=900
accept-ranges: bytes
content-length: 36582
x-xss-protection: 1; mode=block
expires: Thu, 05 Nov 2020 19:01:20 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 909 B
1 KB 10ms
8ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7cd54b3c177c3f63dd51c2dae4ef7ca4e3cd938c1afb60e4b4e9d78df952ac75

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
age: 1244181
vary: Accept-Encoding, Accept
content-length: 909
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 16:49:51 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"eea6e0b6dedefcdd0e40680af3f9f5c0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Mar 2021 07:00:17 GMT

GET
H2 200 defender-atp-chrome-backdoor.png
zdnet1.cbsistatic.com/hub/i/2021/02/03/82ee7b17-9099-4254-9269-bd515ca87110/ 59 KB
60 KB 11ms
9ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/2021/02/03/82ee7b17-9099-4254-9269-bd515ca87110/defender-atp-chrome-backdoor.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2ebfb85493384515f05a653fb626cb7d64cb0d810d63a3d7d11b5f0f1b783a78

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
x-goog-meta-imagewidth: 1000
age: 90019
x-goog-meta-imageheight: 415
x-goog-meta-imageformat: png
vary: Accept-Encoding, Accept
content-length: 60803
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 14:13:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"69e3484bff639ec63e502f78ae16c436"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-meta-contentlength: 60803
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Apr 2021 14:45:46 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 10ms
10ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191273
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 14:23:42 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2a20ffe66fb6d129cbf2f13b19f1883a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Feb 2021 10:38:44 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame C855 205 KB
50 KB 26ms
11ms Script
application/javascript 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:37 GMT
Content-Encoding: br
Last-Modified: Wed, 06 Jan 2021 23:07:27 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 67MN69BePw5NMiBI3HIfLf
open.spotify.com/embed-podcast/episode/ Frame E67C 0
0 422ms
405ms Document
text/html 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/67MN69BePw5NMiBI3HIfLf

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: open.spotify.com
:scheme: https
:path: /embed-podcast/episode/67MN69BePw5NMiBI3HIfLf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

server: envoy
date: Thu, 04 Feb 2021 15:46:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
spotify-request-id: a12a3fd6-ab9f-451f-b967-6a5dcea78a5d
set-cookie: sp_t=f7bd514668e9830d780181b34937c740; path=/; expires=Mon, 05 Apr 2021 15:46:37 GMT; domain=.spotify.com; samesite=none; secure sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F67MN69BePw5NMiBI3HIfLf; path=/; expires=Fri, 05 Feb 2021 15:46:37 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 mag-white01.png
zdnet1.cbsistatic.com/fly/1612434968-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1612434968-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
age: 18296
vary: Accept-Encoding, Accept
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 09:57:06 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Feb 2021 09:57:58 GMT

GET
H2 200 Semibold.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 21ms
7ms Font
font/woff2 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
age: 29641597
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f78"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 Regular.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 21ms
7ms Font
font/woff2 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
age: 9101182
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 09:28:08 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Fri, 22 Oct 2021 07:34:28 GMT

GET
H2 200 myFinance.js Show response
static.myfinance.com/widget/ 177 KB
54 KB 51ms
26ms Script
application/javascript 2606:4700:20::681a:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cee759387f3f1d640b597ec5650ee5fd065b3bda07ebca0ed51cb4eaf974861

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2107
strict-transport-security: max-age=15552000
x-amz-request-id: ACBE5DD540C13605
x-amz-id-2: ss79Xs0t2n1Ll6puyQFOBL46hBMkRTI/WiluT1zfwAF88MPn5NsvbBLp+HdtL+oJSUIQvzJYBDA=
last-modified: Thu, 28 Jan 2021 15:57:21 GMT
server: cloudflare
etag: W/"d2069df4432bc425b07cac51fd91c7e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iz4%2BO6xnw9E42rPoDbxk7%2F3Ldo4ySmNSCa3F%2FMWVfcmUhl71c7CvEJu8eZ0fmB2nqihUkNJ3yB2BK%2Fnsbc%2BQSDtFTAefBQR4mtTjdQcqi%2FnAI0xDlhwnZd%2FtKDuaiHqMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 080f526a3f00000eb3492fe000000001
cf-ray: 61c58689fec50eb3-FRA

GET
H2 200 myFinance.css
static.myfinance.com/widget/ 4 KB
2 KB 49ms
24ms Stylesheet
text/css 2606:4700:20::681a:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

431817fa21d4c16dc23ff06237191f5c72b9f960d6f3231f7898be40c34cdd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2110
strict-transport-security: max-age=15552000
x-amz-request-id: AJ8HFSER7TEZ4N0Y
x-amz-id-2: lbV+umHFklSbFl2EIVQeGkpVrCWP+OYSRCEJXV6ufKAPMP1ien8Kav5Nw4JcsocQaO2Hd1I7/Xo=
last-modified: Mon, 27 Jan 2020 15:45:18 GMT
server: cloudflare
etag: W/"343cb2ab0257e64730be244a8662b4f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=faaYG5hg5Mr7eAsAel2pYAuaoZlZD%2B3eza7u%2BOi%2F5VNlrKjaBXWVo%2BDvXB%2FRqxdDqHfQI3bsf5pSLxyTkQYNpNSBIM1ebFFiAsd5XfonbxDtnWIHKGplitC2jeG0d1%2BoKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-request-id: 080f526a3f00000eb33f187000000001
cf-ray: 61c58689fec00eb3-FRA

GET
H2 200 logo.png
zdnet3.cbsistatic.com/fly/1612434968-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1612434968-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: zdnet4.cbsistatic.com
URL: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/css/core/main-ec150deb74-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
x-content-type-options: nosniff
age: 18296
vary: Accept-Encoding, Accept
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 09:57:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Feb 2021 09:58:04 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 31ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OEOyq06PFOqP2wdlgJHyA==
age: 2103
vary: Accept-Encoding
content-length: 1219
cf-request-id: 080f526a4f00002ba16b8fc000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:56 GMT
server: cloudflare
etag: 0x8D87C42F9703542
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 717d6a01-601e-00a8-611b-d40cf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c5868a1cf92ba1-FRA

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/6b2e92-fly/js/ 765 KB
230 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4814dcfae9edca14230204d0f1bf984f9c35b2abeb1a00acb01a53161b64c424

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18296
vary: Accept-Encoding, Accept
content-length: 235487
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 10:40:25 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1731650d1805ea38faa0ac9edeb973bd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Feb 2021 10:41:41 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame C855 2 KB
1 KB 16ms
15ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5374845&v=1.720.0&if=&sl=0&si=66c57e38-2a2b-4561-b009-45f45d293682-qo0h5p&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 94399e6f28b32bc7f9b2da5fba5f6d0f6ecc13e506629d94d03f7fec169998c3

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 793

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
522 B 49ms
28ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 61c5868a59f4d6c5-FRA
cf-request-id: 080f526a770000d6c5a7abc000000001

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 383ms
125ms Other 3.221.156.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Server: 3.221.156.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-156-227.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.6.2

POST
H2 204 record Show response
a.myfidevs.io/ 0
162 B 148ms
147ms XHR
text/plain 3.221.156.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: static.myfinance.com
URL: https://static.myfinance.com/widget/myFinance.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.156.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-156-227.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:38 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.6.2
access-control-allow-headers: *
access-control-allow-methods: POST

GET
H2 200 v1.5 Show response
www.myfinance.com/api/au/ 1 KB
2 KB 591ms
558ms XHR
application/json 2606:4700:20::681a:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?tzo=-60&w=1600&h=1200&mf_referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&creative_sets=%5B%5D&widgets=%5B%5D&cru_placements=%5B%5D&page=0

Requested by

Host: static.myfinance.com
URL: https://static.myfinance.com/widget/myFinance.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d49d2e000b8fc7a4513e24a4a232656d759bf23f515e7c312d041536485834d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-type: application/json
vary: Accept, Accept-Language, Origin, Cookie
cf-request-id: 080f526a9d00002c4a7d23e000000001
allow: GET, HEAD, OPTIONS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4jQQuKOkE7jwk%2F9%2Becp3JmsTPJDJvrzYKnAsBy3eINbmMyEdFVHuWqSEA4Pcumxt%2FCGFeTc7bTrGUdqd0nKl8kGQM0T1HIn%2BWxSp4q%2F5dVcqWkwaVmKRvdXgG3metQ%3D%3D"}]}
content-language: en-us
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 61c5868a9c062c4a-FRA
expires: Thu, 04 Feb 2021 15:46:38 GMT

OPTIONS
H2 200 diff
at.cbsi.com/lib/api/v1/zdnet/prod/config/ Frame 0
0 191ms
132ms Other
text/html 151.101.1.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Protocol

Server

151.101.1.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: d69a55f9cc096fa5e0be49eb157800ac
server: Google Frontend
accept-ranges: bytes
date: Thu, 04 Feb 2021 15:46:38 GMT
via: 1.1 varnish
x-served-by: cache-hhn4038-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1612453598.990516,VS0,VE93
vary: Accept-Encoding, Origin
x-abtest: none
strict-transport-security: max-age=300
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 126 KB
31 KB 89ms
29ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b52a72e3b91442b19a1767129ae457927a3cc0a3bc5809b60594a48e3e9a705

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:37 GMT
Content-Encoding: gzip
Age: 2727
X-Cache: HIT
Connection: keep-alive
Content-Length: 30996
x-amz-id-2: 97+ElaMGWYr+2jlvVt5N+PfcAB58cVUq2mK9Sa8dZCf5ZIzk4RviCBGye27X+0vgoFsVTkJaDGQ=
X-Served-By: cache-hhn4034-HHN
Last-Modified: Thu, 04 Feb 2021 14:26:21 GMT
Server: AmazonS3
X-Timer: S1612453598.978169,VS0,VE0
ETag: "32e905c633f605d75fd72f900256fe6e"
x-amz-request-id: 8D05DA3BCE07A9EB
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 315

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 19 KB
4 KB 32ms
30ms Fetch
application/json 151.101.1.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8e56c57c09842e23fd61b419b00b3c7559901d95fd2607421ca5d70efe3d3be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: KslRu2oT7
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
version: v2.20.0
variant: core
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-abtest: none
date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 3856
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
server: Google Frontend
x-timer: S1612453598.124343,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/5353e63809adcba65a09cad4acf738100a5f7a90
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 09f306bdb8f353cbab17ed1e564cde39
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 101ms
37ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

41546115179501d1b52563177d4927809e384c24a83b263d3c1cc5146e307cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "773 / 773 of 1000 / last-modified: 1612440977"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19181
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:38 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.7.0/ 338 KB
72 KB 17ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 39GJ8QXxSjBaTmaIgt+tLg==
age: 2179
vary: Accept-Encoding
content-length: 73268
cf-request-id: 080f526af0000097ae263c4000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:45 GMT
server: cloudflare
etag: 0x8D86C1D8DA49AF8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a60850d8-c01e-010b-151a-d486c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c5868b1d7c97ae-FRA

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 184ms
132ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.213.102.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540406
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jan 2021 21:26:56 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "c9e7aff16ab8ba2e866e52e9a4eb8ed2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Feb 2021 09:39:51 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/ 60 KB
14 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zmR4HzWDnD/K8NKWX2k29A==
age: 2103
vary: Accept-Encoding
content-length: 14179
cf-request-id: 080f526b1100002ba1652f1000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:59 GMT
server: cloudflare
etag: 0x8D87C42FB4B3E93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49f866d8-c01e-0144-5e0a-b442df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c5868b48032ba1-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 43ms
43ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1612453597971&s=f3cd01eb87dfb588987411d22014dfe73b1b750dbc6a1e7071fcf40a6a99e53e
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c96621a9ccf4e2701f8c5fc08efb43224bd59a328f0c71b4b0c524aa338cf440

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 869

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/ 12 KB
4 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6g5s6eICehvPXWb9nycIcQ==
age: 2179
vary: Accept-Encoding
content-length: 3328
cf-request-id: 080f526b2900002ba18d361000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:38 GMT
server: cloudflare
etag: 0x8D86C1D890DBAF3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6f0ee0a3-601e-0046-6d17-b30670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c5868b78672ba1-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/ 45 KB
11 KB 16ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VdPW9mUL+ZgJ7oO59gDKyw==
age: 2179
vary: Accept-Encoding
content-length: 11094
cf-request-id: 080f526b2900002ba16b90f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:40 GMT
server: cloudflare
etag: 0x8D86C1D8A75F320
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 743ef2b2-401e-0037-71d4-b47449000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 61c5868b786b2ba1-FRA

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202102021841/ 191 KB
58 KB 32ms
31ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Encoding: gzip
Age: 731
X-Cache: HIT
Connection: keep-alive
Content-Length: 58468
x-amz-id-2: PfiTKffMmNMQ0kbVhxuCd9axNizmTbxJzqu8a+h8/5ngrl2h7/hkLzF2hIwELL8CLPC0Nkg3Uos=
X-Served-By: cache-hhn4034-HHN
Last-Modified: Tue, 02 Feb 2021 23:44:30 GMT
Server: AmazonS3
X-Timer: S1612453598.171789,VS0,VE0
ETag: "c7c578310510fc2a6129ca2158dfa3fb"
x-amz-request-id: EAE2E5AA8CD0E681
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1017

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202102021841/ 81 KB
27 KB 84ms
26ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102021841/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 453c962002dc745e53f6b3b7542a3a4cb6e7b1783c19b380b2761ba1b661fc4e

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Encoding: gzip
Age: 868
X-Cache: HIT
Connection: keep-alive
Content-Length: 27154
x-amz-id-2: P8TWCmlQyc1PT39PNMkKyc8SZsW3lapOWrrkDXKvI9WHTBZW30rpygFaxaKwcd1bQcb5+bjyO3k=
X-Served-By: cache-hhn4034-HHN
Last-Modified: Tue, 02 Feb 2021 23:44:32 GMT
Server: AmazonS3
X-Timer: S1612453598.224767,VS0,VE0
ETag: "4176b473aca0300d0bcfeb8bc2be6b83"
x-amz-request-id: CBFAE46E7A05A56D
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1382

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 57 KB
16 KB 110ms
32ms Script
application/javascript 65.9.58.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3f4d1a63466241f801a814a97f1b171bbf05baa39a9bcb585f2c076a0367179

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Feb 2021 18:00:34 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 13:02:08 GMT
server: AmazonS3
age: 78365
etag: W/"1d37b46187172848d82e8dd5c8a768b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: cIGyvKMHs0aJDkhMgyVdLh2OYEmB5FfZS9pcLogqGh9hilr3Hu8bPA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 57ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B92) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 868
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B92)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 ;ord=1612453598264
ad.doubleclick.net/ddm/ad/px/pvqksvdmo/zn/ 43 B
632 B 98ms
35ms Image
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/px/pvqksvdmo/zn/;ord=1612453598264?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021012801.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 74ms
41ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99311
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:38 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 227 KB
79 KB 112ms
44ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9c9684fffc904b34596432583ffbfedc05e74cccbb87a59a8e6ca01f4dff9b4c

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 18:02:10 GMT
server: AmazonS3
x-amz-request-id: DN7Q2XEPEWDW6R4G
etag: "1ea956ab713466f3f265b8a2ab347e84"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9023
accept-ranges: bytes
content-length: 80306
x-amz-id-2: Yk1qu+o6X1ZgTtzhWrIRztE3T8Xg53bKCZ0Zx8kr7RtI2gC7J3nqZip5oMG/Rp3t5l1nzHbKTZU=

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 1F44 0
0 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.zdnet.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B94) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 547999
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Feb 2021 15:46:38 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B94)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 204
No Content / Show response
364bf52c.akstat.io/ 0
354 B 51ms
36ms XHR
image/gif 2a02:26f0:6c00:2a3::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://364bf52c.akstat.io/?h.pg=article&when=1612453598462&cdim.Site_View=desktop&t_other=custom4%7C142&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=244f3c1cae8edf75f9243c35847fbd3530848e94&h.t=1612453597996&http.initiator=api&rt.start=api&rt.si=528910a9-9184-4123-9b20-bfc34b1d9750&rt.ss=1612453598558&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2a3::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Thu, 04 Feb 2021 15:46:38 GMT

OPTIONS
H2 200 t
make.cohesionapps.com/v1/ Frame 0
0 376ms
121ms Other 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Protocol: H2
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
make.cohesionapps.com/v1/ Frame 0
0 373ms
120ms Other 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Protocol: H2
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
make.cohesionapps.com/v1/ 92 B
224 B 145ms
145ms XHR
application/json 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash: 6de238f4ea5c7f7dea04436d539888ee4e409695e17c4a9c01e989aa8d317178

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
access-control-allow-credentials: true
content-length: 92
vary: Origin
content-type: application/json

POST
H2 200 t Show response
make.cohesionapps.com/v1/ 92 B
224 B 134ms
134ms XHR
application/json 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash: 4c04a9f2fe75dd7aeff2eeff4a51e6fa91fe1d7c4d940c93c122a966a47d45e0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
access-control-allow-credentials: true
content-length: 92
vary: Origin
content-type: application/json

GET
H2 200 xs1.html
cdn.cohesionapps.com/cohesion/ Frame A55F 0
0 28ms
26ms Document
text/html 65.9.58.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.cohesionapps.com
:scheme: https
:path: /cohesion/xs1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

content-type: text/html
date: Thu, 04 Feb 2021 02:25:27 GMT
last-modified: Thu, 28 Jan 2021 13:02:08 GMT
etag: W/"10b2c1751c2247b1aeccc91060f971cf"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -nRid_YrBiIOFzf5Lv2HOH8kxwbPrOICP-ssgTJYZtL4OCmfr8Nnww==
age: 48072

GET
H2 200 article-8de8a28caf-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 143 KB
38 KB 13ms
7ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-8de8a28caf-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

bc53320602e91f327e677f42e96103a6145826e2120c889f0729a5184374843c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167971
vary: Accept-Encoding, Accept
content-length: 38474
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Feb 2021 15:10:40 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4f0415e68b6a0710a3db132c16c5858b"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Feb 2021 17:07:07 GMT

GET
H/1.1 200
OK horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js Show response
platform.twitter.com/js/ 6 KB
3 KB 17ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB4) /
Resource Hash: b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (amb/6BB4)
Age: 579575
Etag: "15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2195

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
803 B 53ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 80ms
59ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 260 KB
48 KB 823ms
821ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=446324754840027&correlator=1201689161893530&output=ldjh&impl=fifs&eid=21068601%2C21068773%2C21068891%2C21069811%2C21069964%2C21069730&vrg=2021012801&ptt=17&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210204&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C300x250%2C728x90%7C970x250%7C970x66&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cgoogle%252Cmicrosoft%26mfr%3Dmicrosoft%252Cgoogle%252Catp-electronics%26tag%3Dmicrosoft%252Cchrome%252Cupdate%252Cfiles%252Csecurity%252Cgoogle%252Cantivirus%26pid%3Daudio-technica-atp%252Caltec-atp%252Cmotorola-atp%26prodtype%3Dantivirus%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Duk%26subses%3D4%26session%3Da%26pv%3D1%26vguid%3D66471301-4b3f-419f-b5f3-8c1921e8da02&cookie_enabled=1&bc=31&abxe=1&lmt=1612453338&dt=1612453598783&dlt=1612453597523&idt=1193&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C436%2C1050%2C1050%2C1015%2C1050%2C436&adys=0%2C370%2C510%2C2537%2C1736%2C3419%2C3719&adks=2072725681%2C3581870410%2C1925781520%2C3289239044%2C3970605601%2C3509234736%2C519614694&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4179%7C1600x90%7C370x250%7C370x250%7C370x771%7C370x250%7C1210x90&msz=1600x5%7C1600x90%7C370x250%7C370x250%7C370x771%7C370x250%7C1210x90&ga_vid=1015892485.1612453599&ga_sid=1612453599&ga_hid=2064022193&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

4935a7d49d45be5d5682d364c17ffb3a02548dc4f8a51082e250153ef0c29702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48000
x-xss-protection: 0
google-lineitem-id: 5609845120,-1,-1,-1,4825966980,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138338738264,-1,-1,-1,138247024569,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 78ms
14ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
8ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

OPTIONS
H2 200 t
make.cohesionapps.com/v1/ Frame 0
0 181ms
119ms Other 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Protocol: H2
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
make.cohesionapps.com/v1/ Frame 0
0 181ms
120ms Other 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Protocol: H2
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
make.cohesionapps.com/v1/ 92 B
224 B 131ms
130ms XHR
application/json 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash: 92a519c70a34f291536ea3f62ec780de77273cd975a294a388f5cef1c733908f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
access-control-allow-credentials: true
content-length: 92
vary: Origin
content-type: application/json

POST
H2 200 t Show response
make.cohesionapps.com/v1/ 92 B
224 B 152ms
151ms XHR
application/json 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash: e5b288e6d90390e85409dadecbb56ec645fd8b4998346db23550f1288a5f3e85

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
access-control-allow-credentials: true
content-length: 92
vary: Origin
content-type: application/json

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 32ms
9ms Script
application/javascript 2a04:4e42:1b::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 2362546
x-cache: HIT, HIT
content-encoding: gzip
content-length: 286838
x-amz-id-2: /diwBpM/GlNv3/giGyEmVHsHkXcC3/OJyicrAs8ODQ44YGmVTx298DoLyYKp3xI3hmm2YOjpFR8=
x-served-by: cache-dca17727-DCA, cache-hhn4051-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1612453599.921572,VS0,VE1
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: EJ3Q9Z7M1JFV3XCR
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 296 B
471 B 188ms
78ms Script
text/html 52.212.194.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_36376786
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.194.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-194-196.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: d0bd00ec1953b2f01c0b7e07fb33f6f0b8157369ee9c637f9bc3f4d8953cc50b

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "7a289ed013a4e9a466e65ded42f76c5bba09acb9"
content-length: 296
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 110 B
284 B 153ms
51ms Script
text/html 52.215.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=307241754246&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=1&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=1507564497&cs=0&callback=DOMlessLLDcallback_36376786
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.254.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-254-97.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 8e6f902afdd5e071b55aa9969c6a2df552f70aaddd1d32b4bce89c1646b75e1c

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "be931079e66f4b25be21c0738b3bb724103f9da9"
content-length: 110
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 113 B
289 B 151ms
51ms Script
text/html 52.215.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=307241754246&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=2&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=1386511310&cs=0&callback=MoatDataJsonpRequest_36376786
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.254.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-254-97.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 586176dad3c2dae383086f7f1502b9218f8299c38d4932790ccbd8b6c7308b4d

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "fa456b673d69f9d3abf26d2bb392a6ccc7f353e4"
content-length: 113
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 66ms
58ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1612453598920&de=560603194&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=a4c42fd81f5-clean&iw=953a59b&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&ac=1&bq=11&f=0&na=700506978&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame EE05 0
0 14ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1356955218169241607&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 527
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Feb 2021 15:46:39 GMT
Etag: "0a7c0ee5972037292537365a97d5b19e"
Last-Modified: Thu, 28 Jan 2021 22:41:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC8)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame 6E58 0
0 23ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1356964509727002624&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7A) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 945
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Feb 2021 15:46:39 GMT
Etag: "0a7c0ee5972037292537365a97d5b19e"
Last-Modified: Thu, 28 Jan 2021 22:41:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B7A)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame CC84 0
0 36ms
12ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?creatorScreenName=ZDNet&dnt=false&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1356940218138509312&lang=en&origin=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&siteScreenName=ZDNet&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 306
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Feb 2021 15:46:39 GMT
Etag: "0a7c0ee5972037292537365a97d5b19e"
Last-Modified: Thu, 28 Jan 2021 22:41:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B97)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 nr-1194.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 95ms
39ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1194.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-amz-request-id: BDA33F0ADF8B446F
x-cache: HIT
content-length: 10625
x-amz-id-2: ZBBsNmFVlqY4Vm3G5KmpGb7jgl6i6pF00oVNbFw842+Gtx5110FCeoI/pT6oqfqZzNVWEqpSjow=
x-served-by: cache-fra19149-FRA
last-modified: Wed, 06 Jan 2021 22:25:50 GMT
server: AmazonS3
x-timer: S1612453599.335443,VS0,VE0
etag: "4f5c23cba20072ede6a543efb2f986c3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9085

OPTIONS
H2 200 t
make.cohesionapps.com/v1/ Frame 0
0 123ms
123ms Other 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Protocol: H2
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
make.cohesionapps.com/v1/ 92 B
224 B 133ms
133ms XHR
application/json 34.224.144.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://make.cohesionapps.com/v1/t
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.144.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-144-97.compute-1.amazonaws.com
Software: /
Resource Hash: cfc159323e621d28f9e1f456ba313f330d7a7b903da37d682dae3d94b5593e00

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
access-control-allow-credentials: true
content-length: 92
vary: Origin
content-type: application/json

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
628 B 114ms
114ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a0d0532f2e2c10a53a59d2fdb7f2b262ecbbb01c80e7b0f7056ef468d744d43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 15:30:12 GMT
x-frame-options: SAMEORIGIN
date: Thu, 04 Feb 2021 15:46:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: b5867235-f3a1-48c6-abad-5a857c93bf00
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Thu, 04 Feb 2021 17:00:12 GMT

GET
H2 200 disqus-loader-e3cab293df-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
811 B 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-e3cab293df-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187330
vary: Accept-Encoding, Accept
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 14:23:49 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2a46de9e3243d22181e8b8c20ff87084"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Feb 2021 11:27:00 GMT

GET
H2 200 ransomware-partnership.jpg
zdnet3.cbsistatic.com/hub/i/r/2021/02/04/6ad088dc-c136-4e9a-a9d9-9c178440dfa0/thumbnail/170x128/72d1d6f387977e26168d1df85c48d146/ 6 KB
6 KB 9ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2021/02/04/6ad088dc-c136-4e9a-a9d9-9c178440dfa0/thumbnail/170x128/72d1d6f387977e26168d1df85c48d146/ransomware-partnership.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5069ab81fc8e416dd3a6acac9c05c95d03c837915753ad4055d7af93f09508b4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 6359
vary: Accept-Encoding, Accept
content-length: 5663
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 14:00:28 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f7cd2c8fb512bd047ddf233a6c10c6c3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:00:40 GMT

GET
H2 200 stormshield-logo.jpg
zdnet2.cbsistatic.com/hub/i/r/2021/02/04/599cb779-8c9e-4780-99a0-6f49ad98c147/thumbnail/170x128/659eab7ead6946381f239fa427332405/ 2 KB
3 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2021/02/04/599cb779-8c9e-4780-99a0-6f49ad98c147/thumbnail/170x128/659eab7ead6946381f239fa427332405/stormshield-logo.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0206ddc3620d13f5adb314f39bd454e0170bb0add44969dd816d7ec8467da6aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 8789
vary: Accept-Encoding, Accept
content-length: 2321
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 13:20:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"659cd8dea7cc372c92d98a8bcad150c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 13:20:07 GMT

GET
H2 200 android.png
zdnet2.cbsistatic.com/hub/i/r/2019/10/29/8869fe03-a3ba-4470-933d-e8088f9521ff/thumbnail/170x128/d5a8c1f45098d3209778c0c91c154c95/ 23 KB
23 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/10/29/8869fe03-a3ba-4470-933d-e8088f9521ff/thumbnail/170x128/d5a8c1f45098d3209778c0c91c154c95/android.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af88e0529d489ba014b7ad8db58a7ab39bfb9001185430db33870d797857d4f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 35170
vary: Accept-Encoding, Accept
content-length: 23877
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Sep 2020 15:02:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"77eab09dc48d7d97ade588d8ac8da1db"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 06:00:29 GMT

GET
H2 200 zero-day.png
zdnet4.cbsistatic.com/hub/i/r/2019/09/05/41745ace-25ca-4092-8c34-2d0ab65924b2/thumbnail/170x128/2267ce65df36fa2610794a66834b005e/ 24 KB
24 KB 11ms
11ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/05/41745ace-25ca-4092-8c34-2d0ab65924b2/thumbnail/170x128/2267ce65df36fa2610794a66834b005e/zero-day.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c2f440d8ade1967f7325784906c8c64ac56ddd882e7aadb10a04f59cd13dbc8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 62560
vary: Accept-Encoding, Accept
content-length: 24477
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 22:23:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"68f7953572783c52bda2d1eb82133cc0"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Apr 2021 22:23:59 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
1006 B 158ms
158ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13c0cadb41cea4ab39c414a2b0e631c264c1bbccd59ba234911fab60898a064c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 04 Feb 2021 15:46:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: 04d0d737-25aa-45d1-b490-a0cbc6868c99
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 front-door-carousel-d989216481-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183690
vary: Accept-Encoding, Accept
content-length: 1542
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 14:23:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d1cca1f7547548cae454a50df3511ae"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Feb 2021 12:45:09 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2021/02/04/599cb779-8c9e-4780-99a0-6f49ad98c147/thumbnail/170x128/659eab7ead6946381f239fa427332405/stormshield-logo.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0206ddc3620d13f5adb314f39bd454e0170bb0add44969dd816d7ec8467da6aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 8789
vary: Accept-Encoding, Accept
content-length: 2321
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 13:20:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"659cd8dea7cc372c92d98a8bcad150c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 13:20:07 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2021/02/04/6ad088dc-c136-4e9a-a9d9-9c178440dfa0/thumbnail/170x128/72d1d6f387977e26168d1df85c48d146/ransomware-partnership.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5069ab81fc8e416dd3a6acac9c05c95d03c837915753ad4055d7af93f09508b4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 6359
vary: Accept-Encoding, Accept
content-length: 5663
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 14:00:28 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f7cd2c8fb512bd047ddf233a6c10c6c3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 14:00:40 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/10/29/8869fe03-a3ba-4470-933d-e8088f9521ff/thumbnail/170x128/d5a8c1f45098d3209778c0c91c154c95/android.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af88e0529d489ba014b7ad8db58a7ab39bfb9001185430db33870d797857d4f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 35170
vary: Accept-Encoding, Accept
content-length: 23877
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Sep 2020 15:02:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"77eab09dc48d7d97ade588d8ac8da1db"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 06:00:29 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/05/41745ace-25ca-4092-8c34-2d0ab65924b2/thumbnail/170x128/2267ce65df36fa2610794a66834b005e/zero-day.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/6b2e92-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c2f440d8ade1967f7325784906c8c64ac56ddd882e7aadb10a04f59cd13dbc8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
age: 62560
vary: Accept-Encoding, Accept
content-length: 24477
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 22:23:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"68f7953572783c52bda2d1eb82133cc0"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Apr 2021 22:23:59 GMT

GET
H2 200 show-hide-1.0-7bf562809f-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
793 B 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195823
vary: Accept-Encoding, Accept
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 14:23:49 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "0d313e88a8f546029eddb39c1f70466f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Feb 2021 09:22:55 GMT

GET
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/1/ 57 B
651 B 240ms
188ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1194.94d5a62&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=1973&ck=1&ref=https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/&ap=236&be=146&fe=1866&dc=346&perf=%7B%22timing%22:%7B%22of%22:1612453597385,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:7,%22ce%22:16,%22rq%22:16,%22rp%22:131,%22rpe%22:145,%22dl%22:138,%22di%22:346,%22ds%22:346,%22de%22:347,%22dc%22:1865,%22l%22:1865,%22le%22:1886%7D,%22navigation%22:%7B%7D%7D&fp=342&fcp=342&at=SBQQGwsYTRQbWUQKS05L&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 15:46:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 61c58694691a233d-ZRH
cf-request-id: 080f5270cc0000233d03337000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
182 B 91ms
28ms Image
image/gif 18.194.108.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1612453599421&y=2.0.1105&elg=402354610&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fplfurvriw-ghihqghu-dws-lv-ghwhfwlqj-bhvwhugdbv-fkurph-xsgdwh-dv-d-edfngrru%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fsa%2Fsytnvygpr%2Fcq%2F%3Brug%3D1612453598264%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Auivv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.108.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-108-62.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
server: Jetty(9.2.10.v20150310)
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 435B 0
0 63ms
62ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst25bDBVV7MZ0oPwOHiYw-cuGleTfo3FRX1B3VXMOW0_ZYZVnhBGPykGIZn_nP3FOHeAVTkFQD8s9iNywO1MtFmLuFnkfrZOCcxGIuSRWnDWWgtr1Blo_StirwztHNYFL2vdaokU_rI9AoFhASOm-aFwgzP1zEc-mGaZF1zCzKRW99cW1ZgDUutQdCSqj_ZcrSR5TNFdlwrT9cWR3mAxTNGgLELT8ywcA7CtdhSSqxJ46l0a6TadTrMk6tbUC-HCEgrB3fD_CW3eDvnI_b0vaKAnWpe7im3oDpKDG7lDY-aPMKdKemAhBKFFKuqLRZm&sig=Cg0ArKJSzBn8cNMJF6RJEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ad.js Show response
clipcentric-a.akamaihd.net/ad/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/ Frame 435B 136 KB
37 KB 120ms
28ms Script
text/javascript 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/ad.js?q=1611946198
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: ff55539431535d7f1d391b6bc0fecc41ea36aa7557097a63dc1f572f1bef7625

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: br
last-modified: Thu Jan 1 00:00:00 1970
server: Apache/2.2.34
cache-control: max-age=3600
content-length: 37890
content-type: text/javascript

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 435B 106 KB
33 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1762ce2250a6a35a6fd892b054eec13df91cf939dca3e40ade35ae57d90b215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182882448455"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 435B 322 KB
107 KB 35ms
35ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 88ea399bbde5869c452dff0a89d2f51fc07e552a881efec91030511665a6011e

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:53:43 GMT
server: AmazonS3
x-amz-request-id: A52D1797819795F0
etag: "5cd96c1261df52e7d06bcc134eb6bdc8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9099
accept-ranges: bytes
content-length: 109470
x-amz-id-2: +R09H/KSrzGFTcaShXfchda3IZtDXVsG3EH6Tsy+iueo2fcNAxUSAZC0Oi80Y8+K6eKE0XRp518=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022010270040000/ Frame D6DB 180 KB
51 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d03694bae3d062c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D6DB 13 KB
5 KB 46ms
17ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 09:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 09:42:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D6DB 90 KB
27 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121831
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 03 Feb 2021 05:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Feb 2022 05:56:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D6DB 3 KB
1 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10207
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D6DB 41 KB
13 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D6DB 4 KB
702 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 15:08:46 GMT
server: ESF
date: Thu, 04 Feb 2021 15:46:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D6DB 4 KB
725 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 14:37:44 GMT
server: ESF
date: Thu, 04 Feb 2021 15:46:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
DATA 200
OK truncated
/ Frame D6DB 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e65fb95a84e15fdec4a1a5d44f126eed8150ef9e64d4369281699d5a79742bf

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17850963379517095553/ Frame D6DB 39 KB
39 KB 69ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17850963379517095553/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qk-LkeWXnLJehWBAaYfmIC3y2gy4Q

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5238fe7c15c024cb03d094be9c0966d390b46236265e80d9f7b333c3812cac89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 08:10:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 14:14:34 GMT
server: sffe
age: 545742
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40336
x-xss-protection: 0
expires: Sat, 29 Jan 2022 08:10:57 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/652503062678389469/ Frame D6DB 18 KB
18 KB 69ms
53ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/652503062678389469/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qkG7W93s-T2Gq4zBTzN-k-2dX7k6w

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bf53604be4a80d4862e30b8a3810c71e551cc202b758b2258d21c1e9dfdd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 13:39:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Mar 2019 08:45:00 GMT
server: sffe
age: 266824
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18297
x-xss-protection: 0
expires: Tue, 01 Feb 2022 13:39:35 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D6DB 0
0 71ms
69ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmKmk3hYcYOuVNqqK7_UPgbu8oAWt76CiYf3xtfz6DID0tcu7IRABIMyRriJg9ZXOgeAEoAGkrJzJA8gBBqkCNB4AAUmYsj7gAgCoAwHIAwqqBLECT9Cyp_4W4tmTPP4slcnRGEg8-OrvqCGLbOTq2m5WzV7HlImMh3yy6lVG6C4f_ccTroSE_LjHGksHOpDOt8_pDBzhwEAHo9nmoiHowe6Nprw5FZt5QIuv-7vo0uI9ubRdVQfNEb7v59SXimR9Xht-odsvNnYDqC1YkcwAiS67RJVc5DjEuXnZFei9wf0f9AzjsZa4hsn5Yh8IMlw6VGm4oFsel2KGbeTUiaXYmf1sB3JlgaLki1DFlOpSmAojxLMdOxTFbK68u2i_d48V5YPbPa_ZkKGhTvO2ku81fAotQsSbppNgL7zh41pa8vcGO5n-v10Al7uc6yw3KkjEF-n0zbeUVCjHZqK4uyz2TkdEQ8hqRLpR7kN0UZ91mxV83X6P2efid-jy8c1r9TVMyI499_jABL7y1PPeAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfE0-M2qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJr8atIIBwiAYRABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMTk5MTY3OTYyNDMzMTM2OQ&sigh=pEKenx0YKTs&template_id=492&tpd=AGWhJmuuT-12Lm9LKhAF_vGKVYE-jnfG4C8Dbuyf9_PKqVzTFA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame D6DB 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8H4Wg6Hi1FS47trkEsjT655_z6TYF4J9wRtXIzHASGvTv73to_hjo0-D_OD25ohD9QReWSOY1KdDPU1Hj1-Zg5l0ehg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6DB 2 KB
3 KB 67ms
52ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83635
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6DB 295 B
389 B 67ms
52ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84312
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 76ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182870646033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 33ms
33ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=3&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=1961714299&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D6DB 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 10218
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D6DB 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 18:44:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 75719
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 03 Feb 2022 18:44:40 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022010270040000/ Frame 8FAE 180 KB
51 KB 48ms
32ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d03694bae3d062c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8FAE 13 KB
5 KB 55ms
39ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 09:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 09:42:26 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8FAE 90 KB
27 KB 56ms
40ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121831
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 03 Feb 2021 05:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Feb 2022 05:56:08 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8FAE 3 KB
1 KB 59ms
44ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10207
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:32 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8FAE 41 KB
13 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FAE 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83635
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FAE 295 B
320 B 9ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84312
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
DATA 200
OK truncated
/ Frame 8FAE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a125d5a77993fdf771ae3f64a02a2aca87c6962a6f204d5b24267de6b01dda52

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html
b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2E4F 0
0 55ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 04 Feb 2021 15:46:38 GMT
expires: Fri, 04 Feb 2022 15:46:38 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD70 0
0 95ms
91ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKowzkFEDlhlqWBwXNQHZJWiN_wMQy4z3JCuI60Q8JEF-7g-UHBjccaIq0Bluf2jTj1yxGCyQ8zGLSkW8Patidx7WT_LofKOPRDt4bRU9hmy4qp04wRkL8cGZIfHgtjIg4VsYEYkqxDVLGhtTCkKwcnvIe9pWXBNzq2WRHhndUxScqYXkMcFrNF-jB_mWEVXqyWcfhwizu2mvTxMpmdrbphPrVu6xOgGj0zQtf3HUO5lHBFA1JAnjDIvuszPhgXmYOKogMquh4Zuf4ACzv7_DjpAxQFeRZlPgb3BA8fcYVfw&sig=Cg0ArKJSzN3t2ew3ZuirEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adKit.min.js Show response
rev.cbsi.com/common/js/ Frame DD70 6 KB
2 KB 391ms
185ms Script
application/javascript 2a04:4e42:1c::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rev.cbsi.com/common/js/adKit.min.js?1347121095

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1c::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
content-length: 2149
x-served-by: cache-bos4633-BOS
access-control-allow-origin: *
last-modified: Thu, 16 Apr 2020 15:02:48 GMT
server: AmazonS3
x-timer: S1612453600.122926,VS0,VE91
etag: "e524dc608d5c7c30eef57b6ed95dc6a8"
strict-transport-security: max-age=300
content-type: application/javascript
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD70 106 KB
33 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1762ce2250a6a35a6fd892b054eec13df91cf939dca3e40ade35ae57d90b215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182882448455"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame DD70 322 KB
107 KB 37ms
33ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 88ea399bbde5869c452dff0a89d2f51fc07e552a881efec91030511665a6011e

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:39 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:53:43 GMT
server: AmazonS3
x-amz-request-id: A52D1797819795F0
etag: "5cd96c1261df52e7d06bcc134eb6bdc8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9099
accept-ranges: bytes
content-length: 109470
x-amz-id-2: +R09H/KSrzGFTcaShXfchda3IZtDXVsG3EH6Tsy+iueo2fcNAxUSAZC0Oi80Y8+K6eKE0XRp518=

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022010270040000/ Frame 8237 180 KB
50 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d03694bae3d062c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8237 13 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 09:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 09:42:26 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8237 90 KB
27 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121831
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 03 Feb 2021 05:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Feb 2022 05:56:08 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8237 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10207
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:32 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame 8237 41 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Thu, 04 Feb 2021 12:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8237 4 KB
1 KB 90ms
74ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 15:44:38 GMT
server: ESF
date: Thu, 04 Feb 2021 15:46:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8237 4 KB
651 B 92ms
77ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 14:37:10 GMT
server: ESF
date: Thu, 04 Feb 2021 15:46:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 15:46:39 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8237 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83635
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8237 295 B
320 B 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84312
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
DATA 200
OK truncated
/ Frame 8237 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c1428802610e9679ebb24ef784ea4e54ac3e542536b5ef80b43fbd5f30e5c4d

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html
b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DDC5 0
0 14ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202102021841/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 04 Feb 2021 15:46:38 GMT
expires: Fri, 04 Feb 2022 15:46:38 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 11439878865123501431
tpc.googlesyndication.com/simgad/ Frame 8FAE 19 KB
19 KB 51ms
48ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11439878865123501431?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbwMXsfpr_lI8oZQLC3BI6TCPEMQ

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3778af4b6ae34d64fe1cbb2e410ed8b50ec70f92858441da55eb52fa13d39ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 20:04:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 21:09:29 GMT
server: sffe
age: 243714
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19274
x-xss-protection: 0
expires: Tue, 01 Feb 2022 20:04:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 8FAE 0
0 52ms
49ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0CDILktD2gFJME5X_a7thCzuKa5yBlh-AIdyki0RL2jPj5mVjNxEUxh4UejjQtmBCa4Y6cESuwz_JxHRJQANY0bIqlA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8FAE 0
0 66ms
63ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJHts3hYcYOyVNqqK7_UPgbu8oAXSvfmCYfyQv8eEDaD42vTxCRABIMyRriJg9ZXOgeAEoAH_24rIA8gBAuACAKgDAcgDCKoErAJP0KX8xAHomJ2V4T2OCCZeA6KxfXVsQd2095mlwVyn0r6PHcsR9Y_1hvvZVeSMbBQEWc5rlRrgyLvZM3dvbZ4Pk6q3sQRD1RmoBg5eEyIz2hK3ZdOa0AH-r3KfdBGu7yreyjselpfh8np_ao_xSApLXo_fRlq8q5BjP1fgOKrk5mDz44bEMCpgSIi2-GJvU9gvGqHhgfRcipeCWgn-r_iBlciYaIdxWuWJazc1PQJd4x_Yln57n6fBVhSlxNHc3TyRXTkqsFjN2mjE0E_cEKdI5L7wTdNomzuf-QvtG5FDrza_PULtbXgsNZOoIhsEC6-p8faeDk8Q5006vVTbV5lQErYiHkGT_p1tKTEJIsePUT9y3kHjbMgtOfyYtH-8cJMF8Fdkke4N68qXn7jABMO_zvfCA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfw7qyiAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC6kyzSCAcIgGEQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTE5OTE2Nzk2MjQzMzEzNjk&sigh=ETILyzr-CtY&tpd=AGWhJmt22J-ptVKDGGbIYjaVCva-iJOICB43J-L2BFTfiHBVZg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12729429937137397730/ Frame 8237 12 KB
12 KB 51ms
48ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12729429937137397730/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkpC6mwqueVnT8AjwEiX1ud-yo6-g

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea43db32581f639bde8e00ddc5e9309004edd9daafb4c4208f9a7d2ddb76978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:41:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:04:14 GMT
server: sffe
age: 252293
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:41:46 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2755785066977218372/ Frame 8237 9 KB
10 KB 51ms
48ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2755785066977218372/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qkkXor9Z_FhtAan7i7Kb-gYjeIcHA

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cfc271df3fde61f0a0b1f78b6d4993c7144adbfba1955872bf899f91736f4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:21:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Oct 2020 12:08:36 GMT
server: sffe
age: 257111
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9696
x-xss-protection: 0
expires: Tue, 01 Feb 2022 16:21:28 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8237 0
0 67ms
64ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0w8z3hYcYO6VNqqK7_UPgbu8oAWXvtrEYJDRsoeQDZaCzYWIFhABIMyRriJg9ZXOgeAEoAGF-fH7A8gBBqkCARRWMUwctD7gAgCoAwHIAwqqBLQCT9D-GycJMrMr3kOquDUfqKVAGhG-fND66cc8ZX4CzHfjR1DF7s7BltD3LF9kx-rS-dHycqLDGL5iGMc2YSiAAgnrhXxlDNB6SYm3SzqZSPHcYvYyWR4U-bzSufdiSKmGSSaWnZe3OA279us1irWTZpYtAiFYjCvjx1XgCj0yB2JeIlLpVoVQ4Wlh1l_qg9ufF_XpoRHZZFoWXdZUFtVBnhVq_POuGJa7ExcmODSI7zV7fAGQc4Glmb8_n2tiL7pKtqqex3FpKZMC09gN0HXgl5pfOc4EcXJi6rCWcQM1Yt3xoOUSuPzaFJ3mRblPrtbLQLxJ--39x3pS1lA9jgOlDym_svoXlDUFCzd6kI2a0E9a6Uztngnnz9Icj7zVkXsakcgqV2GNr1r9kcRqVwt2YRbOvf7ABN73z4-vA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAet5aEyqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEILxCNIIBwiAYRABGB2ACgPICwHYEw2IFAOyFxoKGAgAEhRwdWItMTk5MTY3OTYyNDMzMTM2OQ&sigh=gS_OsrUfT4E&template_id=492&tpd=AGWhJms6GM9n57F1K_QaB86b1TAURZrdPzGa0me2sSwYqybFoQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8237 43 B
1 KB 147ms
38ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=sixt-gaw&extLi=11813200541&rnd=4008106613

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Cologne, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 04 Feb 2021 03:46:39 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 04 Feb 2021 15:46:39 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1751
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 8237 0
0 51ms
49ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9gke5Nz50hDNgUvZKgKskXpkTuEcFQxsrGA0Cy49XKO4Sz8klPi3KGZKdaG7yndBUOE7a8B_M5ABcA_7Dt_R4nvM9NQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 52ms
32ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021012801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c155d29cdcd72b7e415c32860d5312fb8cd8f7aecfcaac718f0220e314ab4262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6816
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 435B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99fe3ea13acb42f42666effc07ae01873bbb31ced10ef6303eb552405f42f957

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8237 11 KB
11 KB 73ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 10219
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:21 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8237 11 KB
11 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 18:44:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 75720
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 03 Feb 2022 18:44:40 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 57ms
46ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=4&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=370822277&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 152ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=110&fi=1&apd=219&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=698903687532&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 153ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=110&fi=1&apd=219&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=698903687532&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 151ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=110&fi=1&apd=219&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=698903687532&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D6DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

57ms
56ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 04 Feb 2021 15:46:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 104ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=219&fi=1&apd=328&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=698903687532&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H2 200 store.phtml
ad.clipcentric.com/user-9/resources/ Frame 6317 0
0 122ms
54ms Document
text/html 143.204.93.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Requested by: Host: clipcentric-a.akamaihd.net
URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/ad.js?q=1611946198
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-117.fra50.r.cloudfront.net
Software: Apache/2.2.34 /
Resource Hash

Request headers

:method: GET
:authority: ad.clipcentric.com
:scheme: https
:path: /user-9/resources/store.phtml?v200530
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

content-type: text/html; charset=UTF-8
content-length: 2976
date: Fri, 22 Jan 2021 02:01:46 GMT
server: Apache/2.2.34
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JGn4HlK_y4iQvC75ct7nKW_hzq14ll2by5_wAYXI4-T_c_E2vEmWRA==
age: 1172694

GET
H2 200 cbsi_ads_skyboxKit.js Show response
rev.cbsi.com/common/js/ Frame 435B 12 KB
3 KB 94ms
93ms Script
application/javascript 2a04:4e42:1c::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1c::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2027d157b4d000e990c70568b172a37286343036208cb304f43dc784dc5c87f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1179
x-cache: HIT
content-length: 2777
x-served-by: cache-bos4633-BOS
access-control-allow-origin: *
last-modified: Wed, 03 Feb 2021 21:26:31 GMT
server: AmazonS3
x-timer: S1612453601.634035,VS0,VE0
etag: "d1421c6a5c3a6608248993ae2f1b873b"
strict-transport-security: max-age=300
content-type: application/javascript
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 53

GET
DATA 200
OK truncated
/ Frame 8268 750 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 E=in,im,fi
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=62/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 390ms
136ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=62/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=in,im,fi
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 kjPabYs0.webp
clipcentric-a.akamaihd.net/file/1116318/ad_q75/1612297278/ Frame 435B 54 KB
54 KB 41ms
35ms Image
image/webp 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1116318/ad_q75/1612297278/kjPabYs0.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: ecbe7aac72ac63357cf4d4170b12390d893b1eccd1fe786dc64086df6a55a337

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: max-age=31536000
last-modified: Tue, 02 Feb 2021 20:22:15 GMT
server: Apache/2.2.34
content-length: 55156
content-type: image/webp

GET
H2 200 bK8Ly54Z.webp
clipcentric-a.akamaihd.net/file/1114375/ad_q75/1611946130/ Frame 435B 35 KB
35 KB 95ms
90ms Image
image/webp 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1114375/ad_q75/1611946130/bK8Ly54Z.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: c8c0acb9b1a7f9c6dbb7d98266ea53b17f1dd80f1b1498d50f75d47b43192ca2

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: max-age=31536000
last-modified: Fri, 29 Jan 2021 18:50:01 GMT
server: Apache/2.2.34
content-length: 35698
content-type: image/webp

GET
H2 200 E=ls:js%20remove%20controls.0,li
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=72/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 471ms
220ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=72/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:js%20remove%20controls.0,li
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:load%20CBSi%20js%20file.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=73/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
137 B 387ms
135ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=73/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:load%20CBSi%20js%20file.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:video%20auto.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=80/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 471ms
219ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=80/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:video%20auto.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:Super%20Billboard.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=82/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 471ms
220ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=82/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:Super%20Billboard.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:hotspots%20collapsed.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=112/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 387ms
137ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=112/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:hotspots%20collapsed.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:on%20scroll%20full%20collapse.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=112/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 172ms
171ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=112/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:on%20scroll%20full%20collapse.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:custom%20ad%20controls.0
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=114/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 171ms
171ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=114/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:custom%20ad%20controls.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17850963379517095553/ Frame D6DB 39 KB
40 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5238fe7c15c024cb03d094be9c0966d390b46236265e80d9f7b333c3812cac89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 08:10:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 14:14:34 GMT
server: sffe
age: 545743
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40336
x-xss-protection: 0
expires: Sat, 29 Jan 2022 08:10:57 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/652503062678389469/ Frame D6DB 18 KB
18 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bf53604be4a80d4862e30b8a3810c71e551cc202b758b2258d21c1e9dfdd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 13:39:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Mar 2019 08:45:00 GMT
server: sffe
age: 266825
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18297
x-xss-protection: 0
expires: Tue, 01 Feb 2022 13:39:35 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6DB 2 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83636
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6DB 295 B
389 B 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84313
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DD70 56 KB
19 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1347121095

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99bf85fb6eb7ed4e84949e0e430c8815c1852a3c04f7d27690ff4988d0fd75c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "773 / 645 of 1000 / last-modified: 1612441202"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19183
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 45ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=210&fi=0&apd=420&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=235522032531&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 43ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=210&fi=0&apd=420&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=235522032531&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 43ms
42ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=250&fi=0&apd=460&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=235522032531&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 43ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=40&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=767266563991&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 50ms
49ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=40&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=767266563991&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 44ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=45&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=767266563991&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:40 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:40 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 48ms
48ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=528807815879&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 48ms
47ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=528807815879&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 43ms
42ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=17&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=528807815879&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 43ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=12&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=16301345252&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 49ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=12&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=16301345252&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 46ms
42ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=300&fi=1&apd=600&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25477209&L2id=2730704593&L3id=5609845120&L4id=138338738264&S1id=23605329&S2id=23619609&ord=1612453600067&r=922630261575&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 47ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=300&fi=1&apd=600&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25477209&L2id=2730704593&L3id=5609845120&L4id=138338738264&S1id=23605329&S2id=23619609&ord=1612453600067&r=922630261575&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 46ms
43ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=300&fi=1&apd=600&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25477209&L2id=2730704593&L3id=5609845120&L4id=138338738264&S1id=23605329&S2id=23619609&ord=1612453600067&r=922630261575&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 85ms
45ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=353&fi=1&apd=653&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25477209&L2id=2730704593&L3id=5609845120&L4id=138338738264&S1id=23605329&S2id=23619609&ord=1612453600067&r=922630261575&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 76ms
45ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=108&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=16301345252&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
47ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=767266563991&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=5&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=163685776&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8FAE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8237
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

197ms
197ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 E=ls:on%20scroll%20full%20collapse.1
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=598/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 125ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=598/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=ls:on%20scroll%20full%20collapse.1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3C7D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 04 Feb 2021 13:39:46 GMT
expires: Fri, 04 Feb 2022 13:39:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7615
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 206 video.high.mp4
clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/ Frame 435B 1 MB
1 MB 41ms
41ms Media
video/mp4 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 0ee9821943a5f04f63aa05a0c19b4ca11456e9c085daef754f16c8ab4575bdc3

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Wed, 27 Jan 2021 16:01:58 GMT
server: Apache/2.2.34
access-control-allow-origin: *
content-type: video/mp4
Content-Range: bytes 0-1210906/1210907
cache-control: max-age=2592000
Content-Length: 1210907

GET
H3-Q050 200 11439878865123501431
tpc.googlesyndication.com/simgad/ Frame 8FAE 19 KB
19 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11439878865123501431?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbwMXsfpr_lI8oZQLC3BI6TCPEMQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3778af4b6ae34d64fe1cbb2e410ed8b50ec70f92858441da55eb52fa13d39ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 20:04:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 21:09:29 GMT
server: sffe
age: 243716
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19274
x-xss-protection: 0
expires: Tue, 01 Feb 2022 20:04:45 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FAE 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83637
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FAE 295 B
325 B 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84314
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12729429937137397730/ Frame 8237 12 KB
12 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea43db32581f639bde8e00ddc5e9309004edd9daafb4c4208f9a7d2ddb76978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:41:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:04:14 GMT
server: sffe
age: 252295
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:41:46 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2755785066977218372/ Frame 8237 9 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cfc271df3fde61f0a0b1f78b6d4993c7144adbfba1955872bf899f91736f4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:21:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Oct 2020 12:08:36 GMT
server: sffe
age: 257113
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9696
x-xss-protection: 0
expires: Tue, 01 Feb 2022 16:21:28 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8237 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
age: 83637
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:32:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8237 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 16:21:27 GMT
x-content-type-options: nosniff
server: cafe
age: 84314
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 04 Feb 2021 16:21:27 GMT

GET
DATA 200
OK truncated
/ Frame 8268 801 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=632/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vimpressi... Frame 435B 35 B
136 B 124ms
119ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=632/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vimpression:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=vi
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=633/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 126ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=633/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vi
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pubads_impl_2021020101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD70 275 KB
97 KB 34ms
33ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

c7736f6538aca3fcafdd33667cdcbb4baaf13cb9217f11c95fd00f01d788c6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 09:41:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99427
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=528807815879&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=6&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=445654202&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 73ms
73ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1612453598920&de=16301345252&rx=699394027241&m=0&ar=a4c42fd81f5-clean&iw=953a59b&q=7&cb=0&cu=1612453598920&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A342%3A342%3A0%3A346&fs=188103&na=553061957&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 44ms
44ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=901&tet=1003&fi=1&apd=1112&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=698903687532&t=iv&os=1&fi2=0&div1=1&ait=574&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 435B 0
0 122ms
67ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6G09R35kd91Jb87pNNBlbLMhY1c3eQN_3O4uYU8gmK6Pe-qHZNCqqR6pdnFfV9AL5R3I_TO35wR5pQsQIX_nLJxygjCK1FpOWg9cf-G-G799uomvx7tUrNWv8LpoMq3k3mFbRfKBxXQDiF2s5qvLYXOREtjKImIQGn2BViLC_n1KK4HcNaVPFjI298Ux8Z4oaFJ9kmo3P8XGQSENEDQtsm--hwLl7BZZEn5wcaU-xY75ETkF4izWE7S3cdi2PUEApntQ_Wcvm2CrOw1280vYZNWsXNl1rWiL63GSn4r3NeF9N&sig=Cg0ArKJSzJ9Jxmnzt7oqEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DD70 109 B
803 B 62ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD70 109 B
169 B 31ms
31ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD70 17 KB
5 KB 86ms
84ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3341659706507691&correlator=1181590372645855&output=ldjh&impl=fifs&eid=21068529%2C21068773%2C21068891%2C21069918%2C31060001%2C21068030&vrg=2021020101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210204&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Da%26subses%3D4%26ptype%3Darticle%26vguid%3D66471301-4b3f-419f-b5f3-8c1921e8da02%7Cenv%3Dprod%26session%3Da%26subses%3D4%26ptype%3Darticle%26vguid%3D66471301-4b3f-419f-b5f3-8c1921e8da02&cookie_enabled=1&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1612453601&dt=1612453601363&dlt=1612453599833&idt=1480&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=ty1e3lxyol59%7Ctti8mmvsax76&ifi=1&ifk=1445307459&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1301540559.1612453601&ga_sid=1612453601&ga_hid=1881116255&fws=256%2C256&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

018877305ed322a9c2623d5f3f828c2755c86234c072bfa5dc633e6db56ec16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4830
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239375540,138239375180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DD70 0
0 29ms
13ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DD70 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 39ms
39ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1612453600067&de=922630261575&m=0&ar=a4c42fd81f5-clean&iw=0d5b00f&q=11&cb=0&ym=0&cu=1612453600067&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A342%3A342%3A1886%3A346&iq=na&tt=na&tu=&tp=&fs=188103&na=697706049&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD70 0
0 62ms
62ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRjPyxU85Yro9S2FhRRq23fq8HGzXdXV34Qo8kUmkEFXAFDTGAxeMItBAlFMDaEnLwjwHDgq2jMsgajTHPpYsHnaKBKpu6glv_0Fh8isoGL5qUyBM1UsHC0xMN0wWbq_B98QbpyNdy5-m0azqj4pfVCIy2X523OOHkct77TVLgI09u7_n-QFdoaeryo1WOQusABaVY9O4ibGXUXoSa6YLt0WyEo8mi_i3yl_F1QFQ5idazU3cVIYV6a4FqP2tOZfR6KN1a4RUkObA5zM4K0bIo0pTu8bx4bKCWkI5Iv9iSP3rS&sig=Cg0ArKJSzHYR3zp0MedbEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
196 B 43ms
42ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021012801&jk=446324754840027&bg=!s7ClsPPNAAWnsTPUpzsAKQB2-Dxalme0zCkhY7t44F69JNjUSSnA7SYGSlAwlz-gpbNHsDH1q3wLAgAAAI5SAAAAFWgBBwoAw3DEVwO6vgg5BXPa-tcTbskq0IF3v5BIXqiArHpXhGJ0dATW1ALR7gPuJUb5aDH42Ww-OLRbZpf0l7YMWyobFjRwhPuLoGeY89sQrEXpDkZBGK1uJjTSbYimsybvgVdqjTzaIx2ndKGpf5iTtYwZeQuXHOS2MpbiutCDgrXlgWXVkbm8mCOKv9upGWisd_ZZBWbd7llG0p4jxXjynUsovo0WVEUsp1MoAVH6McBPEowUsN7rvh0LNoA3Qw5ghzFwR7F85pkB3hOvStV8y7SvNOXECNy4npL5l6-z2S4FI27cgTvXz06qaU771FBSjOHfBZZxyMoHxm_dTBLsJ5FYYwAPG2lZ5cUMJodLDlfP-5vxZlfJzeabrn9gd-Mi3FZtuXTxRDS6bLcLoroowwYJbUQSnEAjkpMrO_eFERWpWkOPNaJityAoFfdfxsEa3IksTYRjRrB9CHkopqqphp01PaSeDjeCOK67ToOcvRO21w6KvFL76-5RKFD0-TB69GlGyVLfNyFfaA-SUuY2jacnFvwgD281pGGVdbglurjTJMVAknmaBJqajydSNkuECJG3olb3TIFvpJusmQ09NqWBZe2O0VuE3eSXytNPlzNdEH_U7HcnKas68HygMEnQOPFuivosgSJcKOqyjQKOStCSpzMmUrIqpYBDC4r90e9Q46yoLNk4AbCQByv4x0MOZ9DGs1ZNpriKNl9sbe66DLrp6OIuXyyRHpkNJnpE5d1LHjft-eZa2d80Myra2s1Mcah4U1uLaDOIvMpr5Nop4SbFJcdYlGjimdZaLMHnV0zrzaWMQ66AnE5lxJtaLI8YfBFGOs4TiWse_1wYM4TKI1TbaCOclVsTP5dz4WUe6BZuPL9qbgho8eiPE0YrwHWO9ckdTMyfsw8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
35ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17850963379517095553%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw%26rs%3DAOga4qk-LkeWXnLJehWBAaYfmIC3y2gy4Q&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=1488&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4936&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=110&an=0&gf=110&gg=0&ix=110&ic=110&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=110&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=219&cd=0&ah=219&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=920675771&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD0A 0
0 63ms
63ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDgqCmqnYUlWNGEQ7EjrXqCyRHoHqIj5sAGhoKKIpNXpT6VqCr0EeneS2Zd2c6gAqWxUAecJOJjPpWvpsw3qf6ZjdhQlfAJw0PyR6tERhi3DGwIEfoYr8v0dlwbuM_sZUQ41d_TUdbZ84b4W45cmb8YubhGMEr0qpB0XEkWrO6gS6dG_x0K1O4eo1BpJeO5xVMK_MvA2AnI0xNPDM35ybksMZ1h5okBb99CBJO2spvXolZ42mfMrHLaP19vFqFxy4MTRWc4JvBZCtlNhC3OxwRaU8bpRSheBb3FtoVZEbx1Q&sig=Cg0ArKJSzAttEDWIVMMWEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD0A 106 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1762ce2250a6a35a6fd892b054eec13df91cf939dca3e40ade35ae57d90b215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182882448455"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame CD0A 322 KB
107 KB 43ms
42ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 88ea399bbde5869c452dff0a89d2f51fc07e552a881efec91030511665a6011e

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:53:43 GMT
server: AmazonS3
x-amz-request-id: A52D1797819795F0
etag: "5cd96c1261df52e7d06bcc134eb6bdc8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9097
accept-ranges: bytes
content-length: 109470
x-amz-id-2: +R09H/KSrzGFTcaShXfchda3IZtDXVsG3EH6Tsy+iueo2fcNAxUSAZC0Oi80Y8+K6eKE0XRp518=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33A1 0
0 62ms
61ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup9pTztM0AAwhz5T-EoG2CXHFaYU-UaGaf81upwSgMInk3t7gJDn_94lKl-J7Z_id_NQAE6nDQVtC6uHPwIIxXIqw5fZeYvzAmb1y6CXaq1Uap8JjV9pGEBzZ0abpGjhYT1ZA30R6KPxypXB-igDs4rjFNa8da7YZTUWLk0rzBCo-gwW2THBRE-15FQEnMduW5oVyORDG4B-NNpkZrQcrP7g0wZlZp1kBf3Y245FvSK7yY2AG9lMu9drm5uAi6zI05dBp-doJ3iXdzg70t8x02RiKGzxpE7RVD_heSsN3vww&sig=Cg0ArKJSzC3vPBFuaLCsEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33A1 106 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1762ce2250a6a35a6fd892b054eec13df91cf939dca3e40ade35ae57d90b215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182882448455"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 33A1 322 KB
107 KB 45ms
45ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 88ea399bbde5869c452dff0a89d2f51fc07e552a881efec91030511665a6011e

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:53:43 GMT
server: AmazonS3
x-amz-request-id: A52D1797819795F0
etag: "5cd96c1261df52e7d06bcc134eb6bdc8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9097
accept-ranges: bytes
content-length: 109470
x-amz-id-2: +R09H/KSrzGFTcaShXfchda3IZtDXVsG3EH6Tsy+iueo2fcNAxUSAZC0Oi80Y8+K6eKE0XRp518=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD70 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182870646033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD70 9 KB
7 KB 52ms
38ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4cf453b4d6bafa795f33029be877e735ab706423d35c38c2dc29dfe3c6677d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6630
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 45ms
44ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1612453600888&de=738707079230&m=0&ar=a4c42fd81f5-clean&iw=0d5b00f&q=15&cb=0&ym=0&cu=1612453600888&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=dynamic-showcase-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A342%3A342%3A1886%3A346&iq=na&tt=na&tu=&tp=&fs=188103&na=229032188&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD70 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020101.js?31060001

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 E=wi
tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=1036/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/ Frame 435B 35 B
136 B 124ms
124ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=1036/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:41 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 39ms
38ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11439878865123501431%3Fsqp%3D4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg%26rs%3DAOga4qnbwMXsfpr_lI8oZQLC3BI6TCPEMQ&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=2007&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4215&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=210&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=72&pf=0&ib=1&cc=0&bw=210&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=420&cd=0&ah=420&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&na=1673871743&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33A1 0
0 68ms
67ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsXw1TZG8MBFD-e6hzTaKUrSpZ_JsSbhNR4ohQ4r2ajRo_8dlAwKzhx-KDvWfwzZKfBa_4ysv28FdSytHhwq_qJwref0-q2bloZsIiwXGuombhp8_pITHOR-p756zwEths6qQYtAujXUn1NzAoYWZd7mtt_GX9L3xi-y-cnWwEmz6Qt7hyIu8ee5nuPQVpvosCoJKfiL93_BY2CA8RKLkz7LrOfWIS_9W5oZ42WfWxtjgqOuNQBvRmIdf9DWFS2HxCRqGNBfCJ9uabH32QklnZKdoZp47DYc66MD9C9KvppMEQ&sig=Cg0ArKJSzK4UVtd5x6fWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD0A 0
0 63ms
62ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIUDNvDUKPKsgd9W1bL8TM3QHPV9u31FSrBCdk6-IIM2Z9NgxDyxW2kuMeTrPzI4IAmItOjh8_co1Un34R7bd5F882BVBAOSyLL4DSWOoJ77QDrkz9pH6H_-cIc7ReG0KYoZl1pPbfEy0kbwIrLWQWs6pn2mJxwWjAbtQBVD7ljPdPEirW1CsbDVwPh3GhviTbgheDBWtYcvkorY42BElDUG3pRi8XByvem4Vuevi4qL5Vk0V7R7kW93zfn1Ba9cgmXRV1Tih9FeJEvG00L2rWN-R1r0-lTKT9nnc_-9dYt390&sig=Cg0ArKJSzPXuwdDvUgDxEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
59ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fb0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2346&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=767266563991&rx=699394027241&cu=1612453598920&m=2047&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2346&lb=4466&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=40&cd=0&ah=40&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1817963272&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 081F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 04 Feb 2021 13:39:46 GMT
expires: Fri, 04 Feb 2022 13:39:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7615
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
35ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F12729429937137397730%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw%26rs%3DAOga4qkpC6mwqueVnT8AjwEiX1ud-yo6-g&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=528807815879&rx=699394027241&cu=1612453598920&m=2053&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4466&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=65433606&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 49ms
49ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=1004&fi=0&apd=1214&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1612453598920&r=235522032531&t=iv&os=1&fi2=0&div1=0&ait=101&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=0&zMoatPT=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 40ms
40ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fb0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=315&gp=3846.390625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=16301345252&rx=699394027241&cu=1612453598920&m=2066&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3846.390625&lb=4466&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12&cd=0&ah=12&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=660963691&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 41ms
40ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=993&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4466&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A1886%3A346&as=0&ag=300&an=0&gf=300&gg=0&ix=300&ic=300&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=300&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=600&cd=0&ah=600&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=381109857&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 44ms
44ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=2370&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=1003&an=110&gi=1&gf=1003&gg=110&ix=1003&ic=1003&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1003&bx=110&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=901&cd=219&ah=901&am=219&rf=0&re=1&ft=574&fv=0&fw=574&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=833555870&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD70 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020101&jk=3341659706507691&bg=!b2ylbC_NAAWnsTPUpzsAKQB2-DxaEENEsCRHfItc5Kz8bT8UXqiP1CQ14bhSntnSCmMD1gIbHCTwAgAAAHdSAAAAFGgBBwoAV729cSlT3vtd_GD6evbAC8I67gEe26Zr2ftiHqIfKB_i7pbfRQuv4S3eIrtaXSEze4CvklNIMWXJamAVq_TPKZbf0uUyjjr6S6DQcXOY2IXsZPKz5s2IA5kBz7cgOBEUohucWhzJH7klARdI2sjFZ1vzHo1-uDLE9zYKr6AB-G7CpvJnFCXNJVtQu7mWPxTo3n6vR0vL57S5uh4_wGRvt-9Rt0vqqzLRdQ9g_ZxH_TNDDSzRZ7foo0ZBkF3sYET1brEZIk9ycbWAVmyWbOtxMTtnmEGVPXLsGoJ-lujqOOIPIkG5W8d39sdejJCBU-aLIhyCxWWK7vr-kNM5R2bNp7r_feNnJh4H2FDiPsHksB2UpWxJBMAy3Czi1mW0XKIP268rhluvclHNAEu_05JqSF2Dbr9qb9-at8eAaqpW5aylkROq80v0-Ny7GEJgj5hB9vwVGe149ImAF2e_yia49bJ0TfRvsOOD6EaJpL_MUFM4pv-PbcDHgkn-1oK1V1VfHTz22x0A7y9yftW6FM58r5Na-seLBsf1eOe5iDoCVkazsAPomzclV598DXZ3E8IsKKBwflWSQ1aFL2z2Kz8T618nWjC74HZTUO4U-M3eOCDKoAy_4bPMWNF0kmB40Sb1QCkCxZl4LzZWako9gMK662-RPQAr_fX_56pTo_tsjJ_tFsBBxGI7YrFTfgE7nAIRqsnQKObOm-_ZcftN6TZlKIvb0VdCny3g_q0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 38ms
38ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=2371&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=1003&an=1003&gi=1&gf=1003&gg=1003&ix=1003&ic=1003&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1003&bx=1003&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=901&cd=901&ah=901&am=901&rf=0&re=1&ft=574&fv=574&fw=574&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=1952877371&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 42ms
42ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1273&tet=1174&fi=1&apd=1474&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25477209&L2id=2730704593&L3id=5609845120&L4id=138338738264&S1id=23605329&S2id=23619609&ord=1612453600067&r=922630261575&t=iv&os=1&fi2=0&div1=1&ait=302&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 15:46:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 40ms
40ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=2372&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=1003&an=1003&gi=1&gf=1003&gg=1003&ix=1003&ic=1003&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1003&bx=1003&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=901&cd=901&ah=901&am=901&rf=0&re=1&ft=574&fv=574&fw=574&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=1804175965&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 34ms
33ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1612453601564&de=385619064654&m=0&ar=a4c42fd81f5-clean&iw=0d5b00f&q=19&cb=0&ym=0&cu=1612453601564&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375180&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A342%3A342%3A1886%3A346&iq=na&tt=na&tu=&tp=&fs=188103&na=988400491&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 45ms
45ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1612453601582&de=125267642961&m=0&ar=a4c42fd81f5-clean&iw=0d5b00f&q=23&cb=0&ym=0&cu=1612453601582&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375540&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A342%3A342%3A1886%3A346&iq=na&tt=na&tu=&tp=&fs=188103&na=1239464116&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 34ms
33ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=2800&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=1004&an=210&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1004&kw=1012&aj=1&pg=72&pf=72&ib=1&cc=1&bw=1004&bx=210&ci=1004&jz=1012&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=420&ah=1012&am=420&rf=0&re=1&ft=101&fv=0&fw=101&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&na=634890826&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=1827&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=1174&an=300&gi=1&gf=1174&gg=300&ix=1174&ic=1174&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=300&ci=1174&jz=1273&dj=1&aa=0&ad=713&cn=0&gk=713&gl=0&ik=713&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1273&cd=600&ah=1273&am=600&rf=0&re=1&ft=302&fv=0&fw=302&wb=1&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=1575336403&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 37ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=1829&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=1174&an=1174&gi=1&gf=1174&gg=1174&ix=1174&ic=1174&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=1174&ci=1174&jz=1273&dj=1&aa=0&ad=713&cn=713&gk=713&gl=713&ik=713&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1273&cd=1273&ah=1273&am=1273&rf=0&re=1&ft=302&fv=302&fw=302&wb=1&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=2057569010&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D6DB 42 B
92 B 46ms
45ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo3lTwOCsp-4xq6Mc3fMBNLZjR4k8hR3QYSEMEQe9532czsdvDr3KGZnrNMnMrB-p_Gp2wIOlOobLLb2H-4EgGswarjQcJqPF3CgiUeXkUeb-kdC4LUEKjgBzkNGfaMLWIskAwvDeAnJC5QBB7vA&sai=AMfl-YRIkNgTIYNJC9IuyyNuoEp4Rqy2-fufr254X4cpgIyzZWLVTjkBSCxAEpf7Ahv8e_KUvoeUFQ3hNMVBafOizwImPoFcJD6DYQUWZ1ThDRM05vyvYNrrQq26wNaZ&sig=Cg0ArKJSzLf3ipJY72KrEAE&cid=CAASFeRobHV4zEWEpOeyHwoNpG64wQhRuw&id=ampim&o=315,395&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=864&tls=1875&g=100&h=100&tt=1876&r=v&avms=ampa&adk=3581870410

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 40ms
40ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=1830&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=1174&an=1174&gi=1&gf=1174&gg=1174&ix=1174&ic=1174&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=1174&ci=1174&jz=1273&dj=1&aa=0&ad=713&cn=713&gk=713&gl=713&ik=713&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1273&cd=1273&ah=1273&am=1273&rf=0&re=1&ft=302&fv=302&fw=302&wb=1&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=408624069&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8FAE 42 B
66 B 52ms
49ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEvz1nfBOsUDzOTNWcfDgGinn3SX8XrtaSVKOVlhTu_9OvC-1Pb0sYdqWmnOYg4b_kpItK2H4x7SrmpF7acTT27eIRdyJsl6O8o8h71TDnmXYWtVSJxRLbgKs&sai=AMfl-YQhzBRY0P75n07pCrvyT1e4Zuqv9Qs0WBokhH1DbKqDAuTnuvksLGlkcFcyvFjCwfcVka-JxAYT6IJArZN4MmNZIqAKEqhxDw4qjZkPtzWWbmsQnlwvgrM6PjHr&sig=Cg0ArKJSzHPbwkajMKQ7EAE&cid=CAASFeRoX4zerTYaBbRJJS88EvrTsGb_9g&id=ampim&o=1050,770&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=453&tls=1453&g=71.66666388511658&h=71.66666388511658&tt=1453&r=v&avms=ampa&adk=1925781520

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 435B 42 B
155 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzXKH-eA7PUBdRZjDmYBAP_CuV90GFxbmB8xssJ_RJbhltXsB8_Yz77fYHzpNmGiGtMjYVESgyh5XvXagyioEEuMq0irAhDUao1G7z-xM&sig=Cg0ArKJSzEQX4aeWNULGEAE&id=osdim&mcvt=1002&p=29,0,134,1600&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210201&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2072725681&rs=4&met=ce&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 36ms
35ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=2276&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=1624&an=1174&gi=1&gf=1624&gg=1174&ix=1624&ic=1624&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1624&bx=1174&ci=1174&jz=1273&dj=1&aa=1&ad=1163&cn=713&gn=1&gk=1163&gl=713&ik=1163&co=1163&cp=1719&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1719&cd=1273&ah=1719&am=1273&rf=0&re=1&ft=752&fv=302&fw=302&wb=1&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=1161298157&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:42 GMT

POST
H2 204 /
685b391d.akstat.io/ 0
201 B 33ms
30ms Other
image/gif 2a02:26f0:6c00:2a3::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://685b391d.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2a3::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:42 GMT
content-type: image/gif
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 04 Feb 2021 15:46:42 GMT

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=2332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 121ms
121ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=2332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_1:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:42 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=3832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 120ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=3832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_2:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:44 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=4532/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 120ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=4532/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_2p5:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:45 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
46ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=6464&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=5098&an=1003&gi=1&gf=5098&gg=1003&ix=5098&ic=5098&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5098&bx=1003&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5003&cd=901&ah=5003&am=901&rf=0&re=1&ft=4669&fv=574&fw=574&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=1473684204&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 40ms
39ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=6872&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=5075&an=1004&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1004&kw=1012&aj=1&pg=72&pf=72&ib=1&cc=1&bw=5075&bx=1004&ci=1004&jz=1012&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5082&cd=1012&ah=5082&am=1012&rf=0&re=1&ft=4172&fv=101&fw=101&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&na=1637667204&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=5737&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=5084&an=1624&gi=1&gf=5084&gg=1624&ix=5084&ic=5084&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5084&bx=1624&ci=1174&jz=1273&dj=1&aa=1&ad=4623&cn=1163&gn=1&gk=4623&gl=1163&ik=4623&co=1163&cp=1719&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5175&cd=1719&ah=5175&am=1719&rf=0&re=1&ft=4212&fv=752&fw=302&wb=2&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=456500489&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:45 GMT

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=5333/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 119ms
119ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=5333/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_3:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:45 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 85ms
69ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2346&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=767266563991&rx=699394027241&cu=1612453598920&m=7278&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2346&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5069&cd=40&ah=5069&am=40&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1282588034&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 60ms
59ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=528807815879&rx=699394027241&cu=1612453598920&m=7279&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5029&cd=5&ah=5029&am=5&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=516383722&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 43ms
43ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=315&gp=4154.390625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=16301345252&rx=699394027241&cu=1612453598920&m=7280&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=4154.390625&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5024&cd=12&ah=5024&am=12&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1131095929&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:46 GMT

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=6847/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 122ms
118ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=6847/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_4:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:47 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=8332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 119ms
119ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=8332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_5:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:48 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/events/1/ 24 B
489 B 153ms
153ms XHR
image/gif 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1194.94d5a62&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=11974&ck=1&ref=https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 04 Feb 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 61c586d29a52233d-ZRH
Content-Length: 24
cf-request-id: 080f52979f0000233dfb00e000000001

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=9832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogres... Frame 435B 35 B
136 B 124ms
124ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=9832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_6:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:50 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 37ms
37ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=11537&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=10170&an=5098&gi=1&gf=10170&gg=5098&ix=10170&ic=10170&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10170&bx=5098&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10077&cd=5003&ah=10077&am=5003&rf=0&re=1&ft=5177&fv=4669&fw=574&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=409494892&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 36ms
35ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17850963379517095553%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw%26rs%3DAOga4qk-LkeWXnLJehWBAaYfmIC3y2gy4Q&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=11739&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=10373&an=10170&gi=1&gf=10373&gg=10170&ix=10373&ic=10373&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10373&bx=10170&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10279&cd=10077&ah=10279&am=10077&rf=0&re=1&ft=5177&fv=5177&fw=574&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&zsqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&zrs=AOga4qk-LkeWXnLJehWBAaYfmIC3y2gy4Q&na=141100622&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 33ms
32ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=11942&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=10146&an=5075&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1004&kw=1012&aj=1&pg=72&pf=72&ib=1&cc=1&bw=10146&bx=5075&ci=1004&jz=1012&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10154&cd=5082&ah=10154&am=5082&rf=0&re=1&ft=4885&fv=4172&fw=101&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&na=340063421&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 33ms
32ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=10798&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=10146&an=5084&gi=1&gf=10146&gg=5084&ix=10146&ic=10146&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10146&bx=5084&ci=1174&jz=1273&dj=1&aa=1&ad=9685&cn=4623&gn=1&gk=9685&gl=4623&ik=9685&co=1163&cp=1719&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10243&cd=5175&ah=10243&am=5175&rf=0&re=1&ft=4923&fv=4212&fw=302&wb=2&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=344643860&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 46ms
46ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11439878865123501431%3Fsqp%3D4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg%26rs%3DAOga4qnbwMXsfpr_lI8oZQLC3BI6TCPEMQ&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=12145&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=10349&an=10146&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1004&kw=1012&aj=1&pg=72&pf=72&ib=1&cc=1&bw=10349&bx=10146&ci=1004&jz=1012&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10356&cd=10154&ah=10356&am=10154&rf=0&re=1&ft=4885&fv=4885&fw=101&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&zsqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&zrs=AOga4qnbwMXsfpr_lI8oZQLC3BI6TCPEMQ&na=1131825905&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 36ms
36ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2346&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=767266563991&rx=699394027241&cu=1612453598920&m=12348&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2346&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10139&cd=5069&ah=10139&am=5069&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=925144080&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 38ms
37ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=528807815879&rx=699394027241&cu=1612453598920&m=12349&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10099&cd=5029&ah=10099&am=5029&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1815279602&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=315&gp=4154.390625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=16301345252&rx=699394027241&cu=1612453598920&m=12349&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=4154.390625&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10094&cd=5024&ah=10094&am=5024&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1387700717&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:51 GMT

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=11332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogre... Frame 435B 35 B
136 B 120ms
119ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=11332/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_7:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:51 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=12134/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogre... Frame 435B 35 B
136 B 121ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=12134/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_7p5:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:52 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=12832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogre... Frame 435B 35 B
136 B 119ms
119ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=12832/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_8:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:53 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=14432/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogre... Frame 435B 35 B
136 B 128ms
127ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=14432/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_9:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:55 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 39ms
37ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=248&w=474&rm=1&fy=1&gp=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=698903687532&rx=699394027241&cu=1612453598920&m=16436&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=15069&an=10373&gi=1&gf=15069&gg=10373&ix=15069&ic=15069&ez=1&ck=1003&kw=901&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15069&bx=10373&ci=1003&jz=901&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14976&cd=10279&ah=14976&am=10279&rf=0&re=1&ft=5177&fv=5177&fw=574&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=188103&na=1587003088&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=235522032531&rx=699394027241&cu=1612453598920&m=16845&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=72&vx=72%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=1&ag=15049&an=10349&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1004&kw=1012&aj=1&pg=72&pf=72&ib=1&cc=1&bw=15049&bx=10349&ci=1004&jz=1012&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15054&cd=10356&ah=15054&am=10356&rf=0&re=1&ft=4885&fv=4885&fw=101&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=188103&na=1559439289&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
34ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453600067&de=922630261575&cu=1612453600067&m=15701&ar=a4c42fd81f5-clean&iw=0d5b00f&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4774&le=1&lf=0&lg=1&lh=300&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A342%3A342%3A1886%3A346&as=1&ag=15049&an=10146&gi=1&gf=15049&gg=10146&ix=15049&ic=15049&ez=1&ck=1174&kw=1273&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15049&bx=10146&ci=1174&jz=1273&dj=1&aa=1&ad=14588&cn=9685&gn=1&gk=14588&gl=9685&ik=14588&co=1163&cp=1719&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15143&cd=10243&ah=15143&am=10243&rf=0&re=1&ft=4923&fv=4923&fw=302&wb=2&cl=0&at=0&d=25477209%3A2730704593%3A5609845120%3A138338738264&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=66471301-4b3f-419f-b5f3-8c1921e8da02&zMoatSN=a&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=188103&na=1668668258&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:55 GMT

GET
H2 200 video.high.mp4
tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=15845/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogre... Frame 435B 35 B
136 B 121ms
120ms Image
image/gif 52.205.20.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1112453/R=1112443/C=117562/P=22/L=21/V=23/S=5tnKQa1G/Z=1/I=120.058626.1612453600511/U=www.zdnet.com/T=15845/M=i/D=d/PO=zdnet.com/LO=5609845120/VO=138338738264/E=vprogress_10:video%20auto/!https://clipcentric-a.akamaihd.net/video/F=1112453/V=ad_800x450_w1220_ch0/T=1611763118/S=PW0ZeNho/video.high.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.20.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-20-149.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:46:56 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 eGONnBkh.webp
clipcentric-a.akamaihd.net/file/1112449/ad_q75/1611763101/ Frame 435B 32 KB
33 KB 30ms
29ms Image
image/webp 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1112449/ad_q75/1611763101/eGONnBkh.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 39c0ef0125cc45f652abda7c9efe2cdd68620ab9e9a16b2fba745eececc632f6

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:56 GMT
cache-control: max-age=31536000
last-modified: Wed, 27 Jan 2021 16:04:40 GMT
server: Apache/2.2.34
content-length: 33242
content-type: image/webp

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 38ms
37ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fb0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1801734898&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-YtJRcnFITyNasGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=315&gp=4154.390625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&id=1&ii=4&f=0&j=&t=1612453598920&de=16301345252&rx=699394027241&cu=1612453598920&m=17452&ar=a4c42fd81f5-clean&iw=953a59b&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=4154.390625&lb=4774&le=1&lf=196&lg=1&lh=27&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A342%3A342%3A0%3A346&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15198&cd=10094&ah=15198&am=10094&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=188103&na=1902311570&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 15:46:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 15:46:56 GMT

GET
H2 200 eGONnBkh.webp
clipcentric-a.akamaihd.net/file/1112449/ad_q75/1611763101/ Frame 435B 32 KB
33 KB 40ms
39ms Image
image/webp 2.16.107.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1112449/ad_q75/1611763101/eGONnBkh.webp
Requested by: Host: clipcentric-a.akamaihd.net
URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=1112443/C=117562/P=22/L=21/V=23/S=r29vzW_e/ad.js?q=1611946198
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 39c0ef0125cc45f652abda7c9efe2cdd68620ab9e9a16b2fba745eececc632f6

Request headers

Referer: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Feb 2021 15:46:56 GMT
cache-control: max-age=31536000
last-modified: Wed, 27 Jan 2021 16:04:40 GMT
server: Apache/2.2.34
content-length: 33242
content-type: image/webp

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.zdnet.com/	1970-01-19 15:54:15	Name: tglr_ref Value:
.www.zdnet.com/	1970-01-20 09:25:25	Name: cohsn_xs_id Value: c785ce1a-4f43-4f79-b290-5a526070ae3b
.www.zdnet.com/	1970-01-20 09:25:25	Name: tglr_sess_count Value: 1
.www.zdnet.com/	1970-01-19 15:54:15	Name: tglr_sess_id Value: 42952af4-db5d-4115-8881-aaf402dcd8b3
.zdnet.com/	1970-01-19 16:37:25	Name: zdnetSessionCount Value: 1
.zdnet.com/	1969-12-31 23:59:59	Name: zdnetSessionStarted Value: true
.www.zdnet.com/	1970-01-19 15:54:15	Name: tglr_req Value: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
.zdnet.com/	1970-01-19 16:37:25	Name: arrowImpCnt Value: 1
.cohesionapps.com/	1970-01-20 09:25:25	Name: cohsn_xs_id Value: c785ce1a-4f43-4f79-b290-5a526070ae3b
.www.zdnet.com/	1970-01-20 09:25:25	Name: tglr_anon_id Value: b130265b-a0be-4ad6-805b-0f8325c699c9
.zdnet.com/	1970-01-19 16:04:18	Name: RT Value: "z=1&dm=zdnet.com&si=528910a9-9184-4123-9b20-bfc34b1d9750&ss=kkr18mh5&sl=0&tt=0&bcn=%2F%2F685b391d.akstat.io%2F"
www.zdnet.com/	1970-01-20 00:39:49	Name: _mfuuid_ Value: 6265aeec-b224-4642-976e-ea226218dca7
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 66471301-4b3f-419f-b5f3-8c1921e8da02
.spotify.com/	1970-01-19 17:20:37	Name: sp_t Value: f7bd514668e9830d780181b34937c740
.zdnet.com/	1970-01-20 00:39:49	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Feb+04+2021+16%3A46%3A38+GMT%2B0100+(Central+European+Standard+Time)&version=6.7.0&hosts=&consentId=9ba36292-17a6-4c49-805a-0ab8ebaa8470&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1970-01-19 16:04:18	Name: fly_geo Value: {"countryCode": "de"}
.www.zdnet.com/	1970-01-20 09:25:25	Name: tglr_tenant_id Value: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor	1970-01-19 15:55:01	Name: pv Value: 1
.zdnet.com/	1970-01-19 16:04:18	Name: fly_device Value: desktop
.spotify.com/	1970-01-19 15:55:39	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F67MN69BePw5NMiBI3HIfLf
www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22uk%22%2C%22subses%22%3A%224%22%2C%22session%22%3A%22a%22%7D
.zdnet.com/	1970-01-19 16:37:25	Name: arrowImp Value: true

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 399) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	info	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 384) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat performance
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_sourcepoint with class optanon-category-4
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_cohesion with class optanon-category-2
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_twitterwidgets with class optanon-category-5
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_twitterwidgets with class optanon-category-5
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_twitterwidgets with class optanon-category-5
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 242) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	(Line 21) Message: Skybox - ClipCentric ::: creative id = 138338738264, pos = nav
console-api	info	URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
console-api	log	(Line 57) Message: %c CBSi Skybox v2.3.015 background:#0080ff; color:#fff; border-radius:2px;
console-api	log	(Line 64) Message: [s] loaded
console-api	log	(Line 64) Message: [s] collapsed
console-api	info	URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
console-api	info	URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/
console-api	log	URL: https://www.zdnet.com/article/microsoft-defender-atp-is-detecting-yesterdays-chrome-update-as-a-backdoor/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	(Line 64) Message: [s] video auto listeners set
console-api	log	(Line 64) Message: [s] collapsed
console-api	log	(Line 64) Message: [s] video auto muted
console-api	log	(Line 64) Message: [s] video auto playing
console-api	log	(Line 64) Message: [s] video auto muted
console-api	log	URL: https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js(Line 1) Message: %c CBSi Skybox Kit v4.29 background:#369; color:#fff; border-radius:2px;
console-api	log	(Line 86) Message: blank creative loaded: 138239375540 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 86) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__1)
console-api	log	(Line 64) Message: [s] video auto paused
console-api	log	(Line 64) Message: [s] video auto ended

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

364bf52c.akstat.io
685b391d.akstat.io
a.myfidevs.io
a6ad4cd7075bd7b9cf8d04ff410873ae.safeframe.googlesyndication.com
ad.clipcentric.com
ad.doubleclick.net
adservice.google.ch
adservice.google.com
adservice.google.de
at.cbsi.com
b0e95de8a43c5af9d2065ccae6acb938.safeframe.googlesyndication.com
bam-cell.nr-data.net
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cohesionapps.com
cdn.cookielaw.org
clipcentric-a.akamaihd.net
cmg1.cbsistatic.com
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
m.exactag.com
make.cohesionapps.com
mb.moatads.com
open.spotify.com
pagead2.googlesyndication.com
platform.twitter.com
px.moatads.com
rev.cbsi.com
securepubads.g.doubleclick.net
static.myfinance.com
tpc.googlesyndication.com
tr.clipcentric.com
urs.zdnet.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.myfinance.com
www.summerhamster.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
104.108.145.172
142.250.185.198
143.204.93.117
151.101.1.188
151.101.113.194
151.101.14.110
162.247.243.146
172.217.23.98
18.194.108.62
2.16.107.33
23.210.250.213
2600:1901:1:c36::
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700:20::681a:eb9
2606:4700::6810:9540
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:821::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:2a3::11a6
2a04:4e42:1b::444
2a04:4e42:1b::645
2a04:4e42:1c::444
2a04:4e42:3::444
3.221.156.227
34.102.213.242
34.224.144.97
52.205.20.149
52.212.194.196
52.215.254.97
65.9.58.19
85.14.248.72
018877305ed322a9c2623d5f3f828c2755c86234c072bfa5dc633e6db56ec16d
0206ddc3620d13f5adb314f39bd454e0170bb0add44969dd816d7ec8467da6aa
03bf53604be4a80d4862e30b8a3810c71e551cc202b758b2258d21c1e9dfdd7b
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b
088a2bd1eceaf52ee1148e164370cbf7adabb0fd9fbbf6d7400ae6024b5de52e
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ee9821943a5f04f63aa05a0c19b4ca11456e9c085daef754f16c8ab4575bdc3
13c0cadb41cea4ab39c414a2b0e631c264c1bbccd59ba234911fab60898a064c
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1e65fb95a84e15fdec4a1a5d44f126eed8150ef9e64d4369281699d5a79742bf
2027d157b4d000e990c70568b172a37286343036208cb304f43dc784dc5c87f1
208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2ebfb85493384515f05a653fb626cb7d64cb0d810d63a3d7d11b5f0f1b783a78
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3778af4b6ae34d64fe1cbb2e410ed8b50ec70f92858441da55eb52fa13d39ed2
39c0ef0125cc45f652abda7c9efe2cdd68620ab9e9a16b2fba745eececc632f6
3c1428802610e9679ebb24ef784ea4e54ac3e542536b5ef80b43fbd5f30e5c4d
41546115179501d1b52563177d4927809e384c24a83b263d3c1cc5146e307cbd
431817fa21d4c16dc23ff06237191f5c72b9f960d6f3231f7898be40c34cdd2b
453c962002dc745e53f6b3b7542a3a4cb6e7b1783c19b380b2761ba1b661fc4e
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4814dcfae9edca14230204d0f1bf984f9c35b2abeb1a00acb01a53161b64c424
4935a7d49d45be5d5682d364c17ffb3a02548dc4f8a51082e250153ef0c29702
4a0d0532f2e2c10a53a59d2fdb7f2b262ecbbb01c80e7b0f7056ef468d744d43
4c04a9f2fe75dd7aeff2eeff4a51e6fa91fe1d7c4d940c93c122a966a47d45e0
5069ab81fc8e416dd3a6acac9c05c95d03c837915753ad4055d7af93f09508b4
5238fe7c15c024cb03d094be9c0966d390b46236265e80d9f7b333c3812cac89
586176dad3c2dae383086f7f1502b9218f8299c38d4932790ccbd8b6c7308b4d
5baed5248c9dec0518095be43727171579492c181b3ef3c75a707884cef037b2
5c32e7709e9594c76e5b8c8d689b696f88237d60df0b1f6dd0b28d361469332c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019
6de238f4ea5c7f7dea04436d539888ee4e409695e17c4a9c01e989aa8d317178
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
7cd54b3c177c3f63dd51c2dae4ef7ca4e3cd938c1afb60e4b4e9d78df952ac75
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
88ea399bbde5869c452dff0a89d2f51fc07e552a881efec91030511665a6011e
8e56c57c09842e23fd61b419b00b3c7559901d95fd2607421ca5d70efe3d3be4
8e6f902afdd5e071b55aa9969c6a2df552f70aaddd1d32b4bce89c1646b75e1c
92a519c70a34f291536ea3f62ec780de77273cd975a294a388f5cef1c733908f
94399e6f28b32bc7f9b2da5fba5f6d0f6ecc13e506629d94d03f7fec169998c3
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
99bf85fb6eb7ed4e84949e0e430c8815c1852a3c04f7d27690ff4988d0fd75c7
99fe3ea13acb42f42666effc07ae01873bbb31ced10ef6303eb552405f42f957
9b52a72e3b91442b19a1767129ae457927a3cc0a3bc5809b60594a48e3e9a705
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c9684fffc904b34596432583ffbfedc05e74cccbb87a59a8e6ca01f4dff9b4c
9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1
9cee759387f3f1d640b597ec5650ee5fd065b3bda07ebca0ed51cb4eaf974861
9cfc271df3fde61f0a0b1f78b6d4993c7144adbfba1955872bf899f91736f4b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a125d5a77993fdf771ae3f64a02a2aca87c6962a6f204d5b24267de6b01dda52
a3f4d1a63466241f801a814a97f1b171bbf05baa39a9bcb585f2c076a0367179
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aea43db32581f639bde8e00ddc5e9309004edd9daafb4c4208f9a7d2ddb76978
af88e0529d489ba014b7ad8db58a7ab39bfb9001185430db33870d797857d4f3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de
bc53320602e91f327e677f42e96103a6145826e2120c889f0729a5184374843c
c155d29cdcd72b7e415c32860d5312fb8cd8f7aecfcaac718f0220e314ab4262
c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42
c2f440d8ade1967f7325784906c8c64ac56ddd882e7aadb10a04f59cd13dbc8e
c7736f6538aca3fcafdd33667cdcbb4baaf13cb9217f11c95fd00f01d788c6f4
c8c0acb9b1a7f9c6dbb7d98266ea53b17f1dd80f1b1498d50f75d47b43192ca2
c96621a9ccf4e2701f8c5fc08efb43224bd59a328f0c71b4b0c524aa338cf440
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc159323e621d28f9e1f456ba313f330d7a7b903da37d682dae3d94b5593e00
d0bd00ec1953b2f01c0b7e07fb33f6f0b8157369ee9c637f9bc3f4d8953cc50b
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d49d2e000b8fc7a4513e24a4a232656d759bf23f515e7c312d041536485834d8
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf453b4d6bafa795f33029be877e735ab706423d35c38c2dc29dfe3c6677d3
e5b288e6d90390e85409dadecbb56ec645fd8b4998346db23550f1288a5f3e85
e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ecbe7aac72ac63357cf4d4170b12390d893b1eccd1fe786dc64086df6a55a337
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1762ce2250a6a35a6fd892b054eec13df91cf939dca3e40ade35ae57d90b215
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f994c73e277a27cd234c2e1f00fd992f1626a276c0779671edd5657c1b30adf7
fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ff55539431535d7f1d391b6bc0fecc41ea36aa7557097a63dc1f572f1bef7625

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

277 Requests

100 %HTTPS

50 %IPv6

31 Domains

50 Subdomains

39 IPs

5 Countries

4450 kBTransfer

10606 kBSize

24 Cookies

22 Outgoing links

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

100 %
HTTPS

50 %
IPv6

31
Domains

50
Subdomains

39
IPs

5
Countries

4450 kB
Transfer

10606 kB
Size

24
Cookies

277 HTTP transactions
13 data transactions