www.zdnet.com Open in urlscan Pro
2a04:4e42:4c::666 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/d9CJB4DUN3
Effective URL:
https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8...
Submission: On November 22 via api (November 22nd 2021, 4:04:23 pm UTC) from US — Scanned from DE

Summary HTTP 215 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 25 domains to perform 215 HTTP transactions. The main IP is 2a04:4e42:4c::666, located in United States and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by R3 on October 26th 2021. Valid for: 3 months.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
39	2a04:4e42:4c:... 2a04:4e42:4c::666	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.194.154 151.101.194.154	54113 (FASTLY) (FASTLY)
1	34.120.203.121 34.120.203.121	15169 (GOOGLE) (GOOGLE)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
14	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
42	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	143.204.98.124 143.204.98.124	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3030::ac43:b431	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	18.171.9.184 18.171.9.184	16509 (AMAZON-02) (AMAZON-02)
4	34.246.74.180 34.246.74.180	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.199.156.235 34.199.156.235	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3037::6815:2b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	184.72.183.173 184.72.183.173	14618 (AMAZON-AES) (AMAZON-AES)
2	52.7.5.26 52.7.5.26	14618 (AMAZON-AES) (AMAZON-AES)
4 7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	18.194.83.218 18.194.83.218	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
215	34

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a04:4e42:4c::666 (United States)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-mtml.mt.rvapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.154 (United States)

ASN54113 (FASTLY, US)

at.adtech.redventures.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.203.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.203.120.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redventuresgamheader644747280705.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redventuresgamdisplay60805146916.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-124.fra50.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:b431 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.171.9.184 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-9-184.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.74.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

684dd32d.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.156.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-156-235.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:2b8a (United States)

ASN13335 (CLOUDFLARENET, US)

www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 184.72.183.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-183-173.compute-1.amazonaws.com

ingest.make.rvapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.5.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-5-26.compute-1.amazonaws.com

taggy.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.83.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com tpc.googlesyndication.com	1 MB
30	rvapps.io media-mtml.mt.rvapps.io ingest.make.rvapps.io	13 MB
28	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	201 KB
22	zdnet.com www.zdnet.com urs.zdnet.com	379 KB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	205 KB
19	moatpixel.com redventuresgamheader644747280705.s.moatpixel.com redventuresgamdisplay60805146916.s.moatpixel.com	5 KB
15	ampproject.org cdn.ampproject.org	306 KB
8	google.com 4 redirects adservice.google.com www.google.com	2 KB
5	cohesionapps.com cdn.cohesionapps.com taggy.cohesionapps.com	32 KB
5	cookielaw.org cdn.cookielaw.org	116 KB
4	gstatic.com fonts.gstatic.com	62 KB
4	clarium.io protected-by.clarium.io	1 KB
4	myfinance.com static.myfinance.com www.myfinance.com	66 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	redventures.io at.adtech.redventures.io	179 KB
3	go-mpulse.net c.go-mpulse.net	52 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	myfidevs.io a.myfidevs.io	166 B
2	fastly.net confiant-integrations.global.ssl.fastly.net	92 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
1	akstat.io 684dd32d.akstat.io	354 B
1	google.de adservice.google.de	792 B
1	onetrust.com geolocation.onetrust.com	373 B
1	newrelic.com js-agent.newrelic.com	17 KB
1	t.co t.co	773 B
215	25

	Domain	Requested by
22	tpc.googlesyndication.com	www.zdnet.com 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com confiant-integrations.global.ssl.fastly.net cdn.ampproject.org
21	px.moatads.com	85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
21	www.zdnet.com	t.co www.zdnet.com
18	media-mtml.mt.rvapps.io	www.zdnet.com
16	redventuresgamheader644747280705.s.moatpixel.com
15	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
14	securepubads.g.doubleclick.net	www.zdnet.com 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com www.googletagservices.com t.co
12	ingest.make.rvapps.io	www.zdnet.com
7	www.google.com	4 redirects www.zdnet.com
6	pagead2.googlesyndication.com	www.zdnet.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	www.zdnet.com 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
5	cdn.cookielaw.org	www.zdnet.com
4	fonts.gstatic.com	fonts.googleapis.com
4	protected-by.clarium.io	85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
4	geo.moatads.com	z.moatads.com
3	redventuresgamdisplay60805146916.s.moatpixel.com
3	fonts.googleapis.com	85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com confiant-integrations.global.ssl.fastly.net
3	85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com	www.zdnet.com
3	cdn.cohesionapps.com	www.zdnet.com cdn.cohesionapps.com
3	at.adtech.redventures.io	www.zdnet.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
2	www.googletagservices.com	85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
2	taggy.cohesionapps.com	www.zdnet.com
2	www.myfinance.com	www.zdnet.com
2	a.myfidevs.io	www.zdnet.com
2	static.myfinance.com	www.zdnet.com
2	z.moatads.com	www.zdnet.com 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
2	confiant-integrations.global.ssl.fastly.net	www.zdnet.com
2	bam-cell.nr-data.net	www.zdnet.com
1	684dd32d.akstat.io	www.zdnet.com c.go-mpulse.net
1	mb.moatads.com	z.moatads.com
1	adservice.google.com	www.zdnet.com
1	adservice.google.de	www.zdnet.com
1	urs.zdnet.com	www.zdnet.com
1	geolocation.onetrust.com	www.zdnet.com
1	js-agent.newrelic.com	www.zdnet.com
1	t.co
215	38

This site contains links to these domains. Also see Links.

Domain
downloads.zdnet.com
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.cleafy.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
narratives.zdnet.com
privacyportal.onetrust.com
support.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.zdnet.com R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
at.adtech.redventures.io R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mt.rvapps.io R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
cdn.cohesionapps.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.myfidevs.io Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
ingest.make.rvapps.io Amazon	`2021-09-26` - `2022-10-24`	a year	crt.sh
*.taggy.cohesionapps.com Amazon	`2021-02-27` - `2022-03-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Frame ID: E07453739EC16F6D148F780FEEA542F6
Requests: 127 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: B4AE8B5AC6E751515F7A51F2E7B65DDF
Requests: 2 HTTP requests in this frame

Frame: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F68D52441D50502F9C44B3B0CD27FDBE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: B117920B7E50BEF0AAA1E0443EE945D1
Requests: 2 HTTP requests in this frame

Frame: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6A4E8FE3D076732AD70C3F870C2AF1F9
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AC8B9644D738A5C4E480F7A3AD01C82F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B379CCE74B753CA3708DFFEB5C702855
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 20B22E91E9F26121FFFD8662E3913EE6
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 00AB0571D8E6C7D002E8B5A5425D92F7
Requests: 12 HTTP requests in this frame

Frame: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B49EC791E38715A23E42CB31C1BB8FF
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D71088593D486712BBF4CE3FDC7A9E52
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67B36DB679118E4E038467DDB0449805
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New banking Trojan SharkBot makes waves across Europe, US | ZDNet

Page URL History Show full URLs

https://t.co/d9CJB4DUN3 Page URL
https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-1... Page URL

Page Statistics

215
Requests

97 %
HTTPS

52 %
IPv6

25
Domains

38
Subdomains

34
IPs

4
Countries

15966 kB
Transfer

19975 kB
Size

31
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.cleafy.com/cleafy-labs/sharkbot-a-new-generation-of-android-trojan-is-targeting-banks-in-europe
Title: dubbed SharkBot

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://support.zdnet.com/
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/d9CJB4DUN3 Page URL
https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_pre=COCb07asrPQCFSLmuwgdtN0Pzw;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

215 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 d9CJB4DUN3
t.co/ 846 B
773 B 139ms
124ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/d9CJB4DUN3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 16:04:13 GMT
vary: Origin
server: tsa_o
expires: Mon, 22 Nov 2021 16:09:14 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 336
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 117
x-connection-hash: a07c044c709d685d9d66011c5bd938c636642a5e2f52b5f6fa3a0ff8b7f0087c

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/ 237 KB
92 KB 721ms
690ms Document
text/html 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Requested by

Host: t.co
URL: https://t.co/d9CJB4DUN3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f688aad8d8953c9586424c1fc0681431beccff71385ae17c4b701df836d29fc1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
link: <https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css>; rel="preload"; as="style"; nopush
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 6b1295fe-833e-4ce2-b203-f45413e74478
x-xss-protection: 1; mode=block
date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish
cache-control: max-age=5400, private
expires: Mon, 22 Nov 2021 17:34:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-length: 93314

GET
H2 200 main-c3419f1987-rev.css
www.zdnet.com/a/fly/css/core/ 318 KB
54 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3c2c275622093f9012768ff2e30be9dafee750f18b0938feacb193559db34ebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 54512
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 10:11:19 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9769ec9773ddd742e165f11471192906"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 10:12:58 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 37ms
20ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 8118
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Fri, 19 Nov 2021 15:53:32 GMT
server: cloudflare
etag: 0x8D9AB74BCB270F7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75937fac-201e-00a4-456d-dde202000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b23647bff254e68-FRA

GET
H2 200 optanon-v1.1.0.js Show response
www.zdnet.com/a/privacy/optanon/ 36 KB
10 KB 7ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/privacy/optanon/optanon-v1.1.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 10444
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Mar 2021 19:22:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
strict-transport-security: max-age=31536000
content-language: en
via: 1.1 varnish
cache-control: public, max-age=86400
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 18 Nov 2021 07:05:01 GMT

GET
H2 200 controls-776b8acae1-rev.css
www.zdnet.com/a/fly/css/video/htmlPlayerControls/ 25 KB
4 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/css/video/htmlPlayerControls/controls-776b8acae1-rev.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

fa3c2e6e0681eb8d99c0bc06918e317abac8bd4d184290d05d21cf94a490f023

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 4312
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 10:11:20 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6b3cd412d6f22e97e56b3ff8d8a63f9e"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 10:12:58 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame B4AE 205 KB
50 KB 41ms
13ms Script
application/javascript 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: br
Last-Modified: Thu, 14 Oct 2021 03:09:47 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 charlie-osborne.jpg
www.zdnet.com/a/img/resize/27f2f9869492e9ec2e683b630dbe4c94d7c8b98c/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/ 712 B
988 B 8ms
8ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/img/resize/27f2f9869492e9ec2e683b630dbe4c94d7c8b98c/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/charlie-osborne.jpg?width=40&height=40&fit=crop&auto=webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6edbe2f6d2afbae11a835d9caac9e1b4f558ca7e0c2e14bffcc504e90c5e55dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish
fastly-io-info: ifsz=11429 idim=350x250 ifmt=jpeg ofsz=712 odim=40x40 ofmt=webp
x-goog-meta-x-goog-reserved-source-generation: 1588631330699120
fastly-stats: io=1
content-length: 712
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "aJHT6WJVbrTAFZXqDqRHlQqSYKIQZUb15eLJhqiDWC0"
vary: Accept-Encoding, Accept
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
content-type: image/webp
expires: Tue, 16 Nov 2021 09:07:39 GMT

GET
H2 200 require-2.1.2.js Show response
www.zdnet.com/a/fly/js/libs/ 16 KB
6 KB 7ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/require-2.1.2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:24 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d26a03e3dde83df4c1ead820882fb0f4"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:57 GMT

GET
H2 200 mag-white01.png
www.zdnet.com/a/fly/1637575705-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 6ms
6ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1637575705-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 943
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 20:04:42 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2b3d6fa78213b58d79b72d8fb387d4b2"
strict-transport-security: max-age=31536000
content-type: image/png
via: 1.1 varnish
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 09:31:34 GMT

GET
H2 200 logo.png
www.zdnet.com/a/fly/1637575705-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/a/fly/1637575705-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/a/fly/css/core/main-c3419f1987-rev.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 4140
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 20:04:42 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6a582a0d8cb133a611ac4908a72c795f"
strict-transport-security: max-age=31536000
content-type: image/png
via: 1.1 varnish
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 09:31:34 GMT

GET
H2 200 Regular.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Nov 2022 18:20:56 GMT

GET
H2 200 Semibold.woff2
www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a96ff4477074c6395b7305d2d98fde8e"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Nov 2022 18:20:56 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 35ms
16ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xkIaWO5Hr0+rNu9IdoYHdw==
age: 7048
vary: Accept-Encoding
content-length: 1425
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:53 GMT
server: cloudflare
etag: 0x8D94223473B0939
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6b7a330a-601e-004d-2d15-b61e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b23647c7f795c74-FRA
expires: Mon, 22 Nov 2021 20:04:15 GMT

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 20ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: VG6YBKXNYMJ05RRS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: CN/OtP3A9z0ShcwSC84Dp2716OPSVqHtXjTa3tL4kDFfrY9FTweTMDz1ynWsKHz8NETzizCEpEw=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1637597055.443367,VS0,VE0
date: Mon, 22 Nov 2021 16:04:15 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7005

GET
H2 200 main.default.js Show response
www.zdnet.com/a/fly/141b7a-fly/js/ 223 KB
70 KB 7ms
7ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a8a94d42c979e478050545342252366082c4e5f3aeff8dc27bae989a22f6ca34

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 71843
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 10:11:11 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "69d1331f41888834905b1646c2da70bb"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 10:12:59 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame B4AE 2 KB
1 KB 54ms
41ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5458657&v=1.720.0&if=&sl=0&si=08b4d25c-94f6-444d-b38c-59fc7644fdfc-r2zdz3&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7f43f0b94a59b6c70df8f03207eb3d63f5d925540b0031e66321eec9db124260

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 807

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
373 B 51ms
34ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b23647cac191f3d-FRA

GET
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/1/ 49 B
720 B 545ms
523ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1212.e95d35c&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=861&ck=1&ref=https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/&ap=190&be=745&fe=831&dc=784&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1637597054596,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:17,%22ce%22:32,%22rq%22:32,%22rp%22:721,%22rpe%22:731,%22dl%22:725,%22di%22:784,%22ds%22:784,%22de%22:784,%22dc%22:831,%22l%22:831,%22le%22:831%7D,%22navigation%22:%7B%7D%7D&fp=824&fcp=824&at=GkEWQAhCSx5HAxIDThwe&jsonp=NREUM.setToken
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6b23647cbb954a68-FRA

GET
H2 200 bidbarrel-zdnet-rv.min.js Show response
at.adtech.redventures.io/lib/dist/prod/ 607 KB
177 KB 42ms
19ms Script
application/javascript 151.101.194.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c0cd7b80611259d4ccce9165e8b5dd062aad43e3e3e19a404fe967c49795d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront), 1.1 varnish
age: 240
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 180330
x-served-by: cache-fra19132-FRA
last-modified: Thu, 28 Oct 2021 17:15:17 GMT
server: AmazonS3
x-timer: S1637597055.497230,VS0,VE10
etag: "873be44731952ce6844f825d0be702dd"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=900, public, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: VQpPGPg7X_ueOV9cPrtBUVZB_GS5QinhDncpaqSulqV7GxW2g99agQ==
x-cache-hits: 1

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 151ms
119ms Script
application/javascript 34.120.203.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.203.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.203.120.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 17:00:48 GMT
etag: "5ffdd5c0-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 mpulse-1.0.2.js Show response
www.zdnet.com/a/fly/js/libs/ 61 KB
12 KB 7ms
7ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/libs/mpulse-1.0.2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:24 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3ef64fab4ee3262b37fedd4dd29ac50b"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:54 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 37ms
37ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 2995004
vary: Accept-Encoding
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5562596-701e-0174-096c-c418f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b23647ce9854e68-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 39ms
39ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1637597055509&s=2b5cfb676f553eb8fea8b1160d3792517cafbac22896b61f96cfb391ff4d5160
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4be568cb286ae4d81203303a724d1b8e936ccc8a5555fd389c1f3e8806e472e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 877

OPTIONS
H2 200 diff
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ Frame 0
0 137ms
124ms Preflight
text/html 151.101.194.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: b43ca13cf65ec213cb5fb09bc91000b9
server: Google Frontend
accept-ranges: bytes
date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1637597056.592449,VS0,VE118
vary: Accept-Encoding, Origin
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 158 KB
32 KB 31ms
8ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a479c129d4c289159a7ad8bd9b8d575c6dad0e40ef1d25ab77cd3d011a2a17c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: gzip
Age: 1460
X-Cache: HIT
Connection: keep-alive
Content-Length: 31876
x-amz-id-2: GBk7W70hoL23YnFZBPbrXWsjOYwxlCpfMHfXvXaFddPpQP5K68dMvZX2i6vRACdGV5qan5cFF1Q=
X-Served-By: cache-fra19174-FRA
Last-Modified: Mon, 22 Nov 2021 15:23:43 GMT
Server: AmazonS3
X-Timer: S1637597056.583455,VS0,VE0
ETag: "be0aaab898c74ad408043665d92197fa"
x-amz-request-id: WDGZRGA599GBPKS7
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 25

GET
H2 200 diff Show response
at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ 25 KB
3 KB 7ms
6ms Fetch
application/json 151.101.194.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

451b65c3e2b0ec7b9220d3f4ce562519c3523cbe7146aefefd56c785d511a071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cat: 5zTciER5s
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
variant: core
version: rv2.25.6

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 70
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 2640
x-xss-protection: 1; mode=block
x-served-by: cache-fra19158-FRA
access-control-allow-origin: *
server: Google Frontend
x-timer: S1637597056.716977,VS0,VE1
x-frame-options: SAMEORIGIN
date: Mon, 22 Nov 2021 16:04:15 GMT
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 9db6be3480dd71d697219c203d26120a
cache-control: max-age=900
etag: W/e81251357a234eca7df0073c0286dac90094da02
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 41ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1051 / 366 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26883
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/ 93 KB
20 KB 96ms
96ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/069e0a06-a1be-44f5-9a8f-926f2985d489/en.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AlmWtxV11YCExQkuyz0PJA==
age: 6995
vary: Accept-Encoding
content-length: 20136
x-ms-lease-status: unlocked
last-modified: Thu, 08 Jul 2021 15:15:59 GMT
server: cloudflare
etag: 0x8D942234AE979B3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 04e26c27-701e-00bc-7615-b6cf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b23647d8a705c74-FRA
expires: Mon, 22 Nov 2021 20:04:15 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 6ms
6ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 16:04:15 GMT
Content-Encoding: gzip
Age: 421
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: jzXf5usRbJR3PYvp69Big/B/XsVaN007aaf8DzTo4oE6Ozrfyzq3/rqhk6J2PTv5JM4jjOX3BWs=
X-Served-By: cache-fra19174-FRA
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1637597056.610459,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: KY5DB13GGJV0P5XQ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 353

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 50ms
50ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 217 B
153 B 31ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdnet.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

12717f96c61a500136a8564d666db9b960869a71dd3176a438b53fb08be5c7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H2 200 article-86184d81e5-rev.js Show response
www.zdnet.com/a/fly/js/pages/ 104 KB
27 KB 9ms
9ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/pages/article-86184d81e5-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

364e9fa8e5ebd2723bceb6ad16241c713dbf20df34f4694041995de5b499eca3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 27159
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d83ce306b2d9fdf140a03caaa512ae6c"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:55 GMT

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
1 KB 121ms
121ms XHR
application/json 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f682d22d4af295f13735efdb26af3b5f106a580f65d6863739872b4dad7bbee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-6ed853edb1a62eeb----1637597055712
traceparent: 00-591698a7b755a84b862232ce9ed4dad0-6ed853edb1a62eeb-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiNmVkODUzZWRiMWE2MmVlYiIsInRyIjoiNTkxNjk4YTdiNzU1YTg0Yjg2MjIzMmNlOWVkNGRhZDAiLCJ0aSI6MTYzNzU5NzA1NTcxMiwidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 16:03:24 GMT
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtcXRQODFJfQzkGQ1NSCQ8NBW8MXRVLGhgCHVUJUQFRH1JKBgRTVVcUHgFIQ1UGBFRQAAUHVwZSUgcJAVpAFF5VXkAAZA==
x-frame-options: SAMEORIGIN
date: Mon, 22 Nov 2021 16:04:15 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 03e1b66e-38b3-497b-8c51-491e978dfa9b
content-type: application/json
via: 1.1 varnish
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Mon, 22 Nov 2021 17:33:24 GMT

GET
H2 200 track-cwv-72dfb3ae38-rev.js Show response
www.zdnet.com/a/fly/js/components/ 239 B
290 B 6ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/track-cwv-72dfb3ae38-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 199
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "97dcb9aecd7642860f6ba848435a0178"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:21:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 13 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFlat.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OL7qnwFOarng5AW29V9Pw==
age: 2994979
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:42 GMT
server: cloudflare
etag: 0x8D94112485FC2D3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 84c52ef2-f01e-0048-626c-c4ea7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b23647e4caa5c74-FRA

GET
H2 200 my-finance-widget-068f12d78c-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
712 B 7ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/my-finance-widget-068f12d78c-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

758c7d9d726719d14444ed93bfb64d21c84342d6ca479826b1477d7da24b3a14

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 553
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 10:11:25 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9b230c03eb3701540a98b0653e3dd4f1"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 10:13:15 GMT

GET
H2 200 disqus-loader-891338aca1-rev.js Show response
www.zdnet.com/a/fly/js/components/ 1 KB
776 B 7ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/disqus-loader-891338aca1-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

bb852945d8e9ae2dddadccfbce542830d5e86adf940a29239fa2742d6e79e2fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 685
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e86548f942d1e287f61cc7f47d86c9f0"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:55 GMT

GET
H2 200 front-door-carousel-dcdcc78ebc-rev.js Show response
www.zdnet.com/a/fly/js/components/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/front-door-carousel-dcdcc78ebc-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 1651
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "dc62c0d907dc1b97c293d3b1d74c0cbd"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:55 GMT

GET
H2 200 zdnet+96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 2 MB
2 MB 317ms
283ms Image
image/jpeg 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0233f2a52d38bb92f54e15bdcc0bfe964c74921d560de3ece5f51aaeb3c8a80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 44085
x-guploader-uploadid: ADPycdshcY6hruv6Ot5reTzK1r6PmiyCaM4TBYdCYT4jYJg4uj803-db_19UurBx9eTCCE3RowItLaFfBi9WUykZK4Y
x-cache: HIT, MISS
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 0
content-length: 2466651
x-served-by: cache-chi21140-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 17:43:30 GMT
server: UploadServer
x-timer: S1637597056.768220,VS0,VE275
etag: "de130531b785ae1259c4eee4959fa26f"
x-goog-hash: crc32c=1hpPGQ==, md5=3hMFMbeFrhJZxO7klZ+ibw==
content-type: text/plain
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Sat, 20 Nov 2021 03:16:05 GMT

GET
H2 200 zdnet+aacd1659-9051-42bd-8a75-a059081d0958.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 290 KB
291 KB 332ms
299ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+aacd1659-9051-42bd-8a75-a059081d0958.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9f4b2bd8b5636a2efd3f471694a3f7ff2dd3451e9bd7fc3daa3d3dd41607398c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-guploader-uploadid: ADPycdv2xgy4xPBRvphjHiU_TRI_PIIBzhWuIJc4rr9J5cnL2QQqxSanJcNbulrYBigacRlvT2vUsqmku1hvq67JKnVwJJukxg
x-cache: MISS, MISS
x-goog-storage-class: REGIONAL
x-cache-hits: 0, 0
content-length: 297151
x-served-by: cache-chi21138-CHI, cache-fra19141-FRA
last-modified: Wed, 10 Nov 2021 17:13:22 GMT
server: UploadServer
x-timer: S1637597056.768286,VS0,VE283
etag: "655d83a84d0e3e7f28f7f3f8fb6ab0b6"
x-goog-hash: crc32c=nm7odQ==, md5=ZV2DqE0OPn8o9/P4+2qwtg==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H2 200 zdnet+fa2f3639-9276-4a24-889a-d265cf546d93.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 186 KB
186 KB 391ms
358ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+fa2f3639-9276-4a24-889a-d265cf546d93.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa891f09153fae1df0c870f2452ef8c9e1e25625eb3596e227f0d533f3644cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-guploader-uploadid: ADPycdsxAC5zliUE9Z5fYDcoZBbqPVNzjQb0S86-Mq9HvNezYFc3XEtoxHlW4Mmrsw7r8PBXZKwxuDKcMd3rto_hYGOjeeZDHA
x-cache: MISS, MISS
x-goog-storage-class: REGIONAL
x-cache-hits: 0, 0
content-length: 190493
x-served-by: cache-chi21124-CHI, cache-fra19141-FRA
last-modified: Thu, 11 Nov 2021 10:18:16 GMT
server: UploadServer
x-timer: S1637597056.768361,VS0,VE301
etag: "e14bdf87d66c7b0f5c3a1dde451a38e2"
x-goog-hash: crc32c=BLds9w==, md5=4Uvfh9Zsew9cOh3eRRo44g==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H2 200 zdnet+f3f3c3ee-efca-4539-aa88-e0c756d13ab7.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 47 KB
48 KB 40ms
7ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+f3f3c3ee-efca-4539-aa88-e0c756d13ab7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b4b1d1d87ac3ccaa6ba5c10e29284746c7c628fada8676455f4c5da925bee5ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 4479
x-guploader-uploadid: ADPycdsPwDJjYHoDlVZ7vbtGvOmgSPTCCnuDuNt23wF2TnH8IJNMtuYFHtIT-nrDJNbqxVDm94NXWfxlgPEHzdXNPYk
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 48242
x-served-by: cache-chi21174-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 19:04:46 GMT
server: UploadServer
x-timer: S1637597056.768468,VS0,VE1
etag: "a007db6574c199ed81c7e689861d0d0c"
x-goog-hash: crc32c=4/PwhQ==, md5=oAfbZXTBme2Bx+aJhh0NDA==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:03:14 GMT

GET
H2 200 zdnet+9785e807-14e2-4311-a6cb-2a1f0019704d.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 1 MB
1 MB 517ms
485ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+9785e807-14e2-4311-a6cb-2a1f0019704d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6e613560cec9fd4e47e04029561769e9e9d4f28d0592b217f007772f00348cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 566
x-guploader-uploadid: ADPycdt-YMVVyvdqBvS8oyyuFfoNE0MBw9DIKbjCr7Yjj1nVFQHr9BUaSnJ01pQs1v99wH0cjKH6h7PHSuGgYBVTgTM
x-cache: HIT, MISS
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 0
content-length: 1108501
x-served-by: cache-chi21152-CHI, cache-fra19141-FRA
last-modified: Thu, 30 Sep 2021 12:13:16 GMT
server: UploadServer
x-timer: S1637597056.768527,VS0,VE476
etag: "771cd46176f66e8369b8d0c7e1c4bf31"
x-goog-hash: crc32c=z8YEQQ==, md5=dxzUYXb2boNpuNDH4cS/MQ==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:54:49 GMT

GET
H2 200 zdnet+1820f8a7-82a0-419e-967f-f89506886748.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 66 KB
67 KB 146ms
114ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+1820f8a7-82a0-419e-967f-f89506886748.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a5bca99152b0f9454e121f2650f9609147fcca8a6b5e499952035617948371bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3663
x-guploader-uploadid: ADPycdsyLmFdxsKAGlt7Rix2W_RuftkBo17MckrRPmFqL6Lyba1iCMpBKHZB2B3nbPahvurG5aMlryjAWV23netE7Bw
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 67899
x-served-by: cache-chi21173-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 16:34:33 GMT
server: UploadServer
x-timer: S1637597056.768612,VS0,VE105
etag: "71562dd332e74d8ed63ed7153ca1a752"
x-goog-hash: crc32c=hje/xA==, md5=cVYt0zLnTY7WPtcVPKGnUg==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:01:34 GMT

GET
H2 200 zdnet+f411b441-f4aa-427c-9ef2-d12599d68c9d.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 2 MB
2 MB 349ms
349ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+f411b441-f4aa-427c-9ef2-d12599d68c9d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f664440b22951b8c5a35f38ec7b463978c388cfe465c397f45bfbe26c50be84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 837
x-guploader-uploadid: ADPycdv9iJVKiVaIoTo2-5Ya886ApCj1rcLCQe-r35D4zzBKZdL_L6aNZsdlzjyZ5nowWuqUynby0IuBkVAYS3nw2gs
x-cache: HIT, MISS
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 0
content-length: 2358493
x-served-by: cache-chi21127-CHI, cache-fra19141-FRA
last-modified: Thu, 11 Nov 2021 11:53:22 GMT
server: UploadServer
x-timer: S1637597056.782119,VS0,VE294
etag: "f706fb6df99290700758395bf8d49ac1"
x-goog-hash: crc32c=RKfsPA==, md5=9wb7bfmSkHAHWDlb+NSawQ==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:50:19 GMT

GET
H2 200 zdnet+137da998-4c64-11e3-90a0-0291187ef9b6.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 66 KB
66 KB 13ms
12ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+137da998-4c64-11e3-90a0-0291187ef9b6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f6bdd8e675d64d4250b059922bcd5e404fd432efb805885ebe68291b2a75b18c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 741
x-guploader-uploadid: ADPycds20MCxKgSjX2d_aU2gyeg20NLPHds_pKDQMU6fswDzVSSoeGHy2EaeENUl7v18OJupitIK_AHvMeRNwT_cdkc
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 67583
x-served-by: cache-chi21178-CHI, cache-fra19141-FRA
last-modified: Mon, 22 Nov 2021 09:03:20 GMT
server: UploadServer
x-timer: S1637597056.782215,VS0,VE1
etag: "7b07a705aff584ad97953969134569ec"
x-goog-hash: crc32c=V6COFQ==, md5=ewenBa/1hK2XlTlpE0Vp7A==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:51:54 GMT

GET
H2 200 zdnet+e39b2ee1-7c73-4047-975b-55949a9158ee.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 81 KB
81 KB 8ms
7ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+e39b2ee1-7c73-4047-975b-55949a9158ee.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f93fa3cef5bf93b0a552e9de0130cf801382e69d0b12de6deb64d0e0865181d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 71985
x-guploader-uploadid: ADPycds6U0jgREMSUXNr0eu12i_2Sls_vi6WZ7lyFDrgVgWuol0MkWsb95YIKidFPi1FhtABTnKzn4HosrUFdnSF2ya19WNXsA
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 2, 1
content-length: 82452
x-served-by: cache-chi21126-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 18:55:18 GMT
server: UploadServer
x-timer: S1637597056.782317,VS0,VE1
etag: "30a1b965650b6bbd9887d93e9c0e9558"
x-goog-hash: crc32c=rQaYfA==, md5=MKG5ZWULa72Yh9k+nA6VWA==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Sat, 13 Nov 2021 19:29:46 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
1 KB 195ms
195ms XHR
application/json 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

916a33fa567e1ef02bb792ff9e0361a0e28f43967aba94e18a119e2328c3f0b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VgEBVlJWCRAGXVRVDwMDUlc=
tracestate: 78034@nr=0-1-2767451-695782612-91391cd45fda9f76----1637597055735
traceparent: 00-23e2a4a034d90af27db0431e73025160-91391cd45fda9f76-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI3Njc0NTEiLCJhcCI6IjY5NTc4MjYxMiIsImlkIjoiOTEzOTFjZDQ1ZmRhOWY3NiIsInRyIjoiMjNlMmE0YTAzNGQ5MGFmMjdkYjA0MzFlNzMwMjUxNjAiLCJ0aSI6MTYzNzU5NzA1NTczNSwidGsiOiI3ODAzNCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVlBUDAYBR1dbAgYPVFAFBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFZWRxcNB0NFUhQ7Rl9XBQMXPUMKVxVnVFtVWgsbTQFPA1JUBgdNVk0IBwFcWU4aABtEUQMDBgFUAlZVWlpSD1sHBBFJXwBdElY/
x-frame-options: SAMEORIGIN
date: Mon, 22 Nov 2021 16:04:15 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 81202354-dc54-477a-bd05-68079478e130
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0, must-revalidate, private
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/redventuresgamheader644747280705/ 240 KB
82 KB 38ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 660c4944d12218cf2b184d845516f3930ba222de846078099256b70ea7acaf90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 20:54:15 GMT
server: AmazonS3
x-amz-request-id: 1RRSBZY4W7RA780S
etag: "d267327ac3a2238138aff00eeb7a88f1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=28390
accept-ranges: bytes
content-length: 83685
x-amz-id-2: IwXDqdN+AxPj+o3J+eOIDBuX6Ef/w+uZkQTsfBVqvX0LQY+5Lk/1S56dTfiQ0tjaiSIt9J3TMUU=

GET
H2 200 core-web-vitals-16efe3ae21-rev.js Show response
www.zdnet.com/a/fly/js/managers/ 545 B
602 B 8ms
7ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/managers/core-web-vitals-16efe3ae21-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 366
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "13ebb91ff9802e3e819eaeb0ade6750d"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:20:55 GMT

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 77 KB
21 KB 36ms
8ms Script
text/javascript 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15fc6da0c56525b38a69504e4d5e73d1126290aff814150c4468d303a73bc727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"237f1a86ca36f84a0eb06096a5a162f7"
last-modified: Thu, 18 Nov 2021 13:26:43 GMT
server: AmazonS3
age: 9445
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
date: Mon, 22 Nov 2021 13:26:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cVUD3vy5lS3_1Fckg7yFBaS56UgiavvJVcNd5cj3q26b5sgvVZLJ7A==

GET
H2 200 inlineMedia_core.js Show response
static.myfinance.com/widget/ 184 KB
63 KB 69ms
36ms Script
application/javascript 2606:4700:3030::ac43:b431
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia_core.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b431 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829c410a6b21a34e4127e1ae45f244189a83493c13712d9e5d98f1d2dc19c3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: PPE0TCCX8MS56HQ2
x-amz-id-2: ijmYvxrIQL9dPGG5er9wWMBSTgjdDuWZ1d9ZySmq5ugYeCB1xVv7t7sAfK1LYRkd3ima/wQsaYA=
last-modified: Tue, 16 Nov 2021 19:32:09 GMT
server: cloudflare
etag: W/"72763a8104cb9ae82dfbd403a0e82253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNyAq6sNfknWxrA529yvVSvSKBl56UsSxmRmtWeOHIakmNxm1NmqxPcFRLpSiGrNJJIigKqapf1KBsIsJO%2F9ub%2F%2BWdisArl8W4Y%2BRFR9rHhRvbn9lXjedLFBf%2Boxib2W%2B2aBXiAme4UFNsuehUu%2BdaYZ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6b23647f89406925-FRA

GET
H2 200 zdnet+f3f3c3ee-efca-4539-aa88-e0c756d13ab7.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 47 KB
47 KB 7ms
7ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+f3f3c3ee-efca-4539-aa88-e0c756d13ab7.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b4b1d1d87ac3ccaa6ba5c10e29284746c7c628fada8676455f4c5da925bee5ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 4479
x-guploader-uploadid: ADPycdsPwDJjYHoDlVZ7vbtGvOmgSPTCCnuDuNt23wF2TnH8IJNMtuYFHtIT-nrDJNbqxVDm94NXWfxlgPEHzdXNPYk
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 2
content-length: 48242
x-served-by: cache-chi21174-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 19:04:46 GMT
server: UploadServer
x-timer: S1637597056.906320,VS0,VE0
etag: "a007db6574c199ed81c7e689861d0d0c"
x-goog-hash: crc32c=4/PwhQ==, md5=oAfbZXTBme2Bx+aJhh0NDA==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:03:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 348ms
348ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69231929235010&correlator=429661589175137&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22309610186%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C5x5&prev_scp=pos%3Dnav%26sl%3Dnav-ad-plus-leader%253FT-1000%26iid%3Dunit%253Dnav-ad-plus-leader%257Cvguid%253D46f03238-12ed-4d41-b892-3369670a5bc9%257Cpv%253D1&eri=1&cust_params=test%3Drelated_rr%257C1%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cbanking%252Candroid%26mfr%3Dgoogle%252Cats-communications%26tag%3Dmalware%252Cbanking%252Ccyber-security%26prodtype%3Dandroid%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-banking-trojan-sharkbot-makes-waves-across-europe%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Db%26pv%3D1%26ftag%3DCOS-05-10aaa0g%26vguid%3D46f03238-12ed-4d41-b892-3369670a5bc9&cookie_enabled=1&bc=31&abxe=1&lmt=1637597056&dt=1637597056021&dlt=1637597055321&idt=430&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=50&adks=3846852823&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100&msz=1600x100&ga_vid=613568965.1637597056&ga_sid=1637597056&ga_hid=1937162484&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

44b52e57fb51976705c6a0ab20755b61c9664820d38be225809057cff032075d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10832
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 50ms
28ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7d3855320fad55978ed4ebec77d1e43047eb690faa20a20529c83b5df23ce9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9224
x-xss-protection: 0

GET
H2 200 container.html Show response
85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F68D 6 KB
4 KB 95ms
24ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 16:04:16 GMT
expires: Tue, 22 Nov 2022 16:04:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show-hide-1.0-51cea9ac43-rev.js Show response
www.zdnet.com/a/fly/js/components/ 2 KB
851 B 6ms
6ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/a/fly/js/components/show-hide-1.0-51cea9ac43-rev.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 15:35:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "057f9856449aeef0449fee372db7b59c"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Nov 2021 18:21:00 GMT

GET
H2 200 zdnet+e39b2ee1-7c73-4047-975b-55949a9158ee.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 81 KB
81 KB 8ms
8ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+e39b2ee1-7c73-4047-975b-55949a9158ee.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f93fa3cef5bf93b0a552e9de0130cf801382e69d0b12de6deb64d0e0865181d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 71985
x-guploader-uploadid: ADPycds6U0jgREMSUXNr0eu12i_2Sls_vi6WZ7lyFDrgVgWuol0MkWsb95YIKidFPi1FhtABTnKzn4HosrUFdnSF2ya19WNXsA
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 2, 2
content-length: 82452
x-served-by: cache-chi21126-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 18:55:18 GMT
server: UploadServer
x-timer: S1637597056.037857,VS0,VE0
etag: "30a1b965650b6bbd9887d93e9c0e9558"
x-goog-hash: crc32c=rQaYfA==, md5=MKG5ZWULa72Yh9k+nA6VWA==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Sat, 13 Nov 2021 19:29:46 GMT

GET
H2 200 zdnet+137da998-4c64-11e3-90a0-0291187ef9b6.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 66 KB
66 KB 9ms
8ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+137da998-4c64-11e3-90a0-0291187ef9b6.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f6bdd8e675d64d4250b059922bcd5e404fd432efb805885ebe68291b2a75b18c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 741
x-guploader-uploadid: ADPycds20MCxKgSjX2d_aU2gyeg20NLPHds_pKDQMU6fswDzVSSoeGHy2EaeENUl7v18OJupitIK_AHvMeRNwT_cdkc
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 2
content-length: 67583
x-served-by: cache-chi21178-CHI, cache-fra19141-FRA
last-modified: Mon, 22 Nov 2021 09:03:20 GMT
server: UploadServer
x-timer: S1637597056.037975,VS0,VE0
etag: "7b07a705aff584ad97953969134569ec"
x-goog-hash: crc32c=V6COFQ==, md5=ewenBa/1hK2XlTlpE0Vp7A==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:51:54 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 367ms
367ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69231929235010&correlator=2620520882446954&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22309610186%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dtop%26sl%3Dmpu-plus-top%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-plus-top%257Cvguid%253D46f03238-12ed-4d41-b892-3369670a5bc9%257Cpv%253D1&eri=1&cust_params=test%3Drelated_rr%257C1%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cbanking%252Candroid%26mfr%3Dgoogle%252Cats-communications%26tag%3Dmalware%252Cbanking%252Ccyber-security%26prodtype%3Dandroid%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-banking-trojan-sharkbot-makes-waves-across-europe%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Db%26pv%3D1%26ftag%3DCOS-05-10aaa0g%26vguid%3D46f03238-12ed-4d41-b892-3369670a5bc9&cookie_enabled=1&bc=31&abxe=1&lmt=1637597056&dt=1637597056093&dlt=1637597055321&idt=430&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=422&adks=36326968&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x280&msz=370x30&ga_vid=613568965.1637597056&ga_sid=1637597056&ga_hid=1937162484&ga_fc=false&fws=4&ohw=370&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

58627b0bebaa9e090b75bc6ac90c84f1c92785702f082197c1c5a97bb4e62729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10534
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
11 KB 500ms
500ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69231929235010&correlator=2393944399551054&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22309610186%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3Dmiddle%26sl%3Dmpu-middle%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-middle%257Cvguid%253D46f03238-12ed-4d41-b892-3369670a5bc9%257Cpv%253D1&eri=1&cust_params=test%3Drelated_rr%257C1%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cbanking%252Candroid%26mfr%3Dgoogle%252Cats-communications%26tag%3Dmalware%252Cbanking%252Ccyber-security%26prodtype%3Dandroid%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-banking-trojan-sharkbot-makes-waves-across-europe%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Db%26pv%3D1%26ftag%3DCOS-05-10aaa0g%26vguid%3D46f03238-12ed-4d41-b892-3369670a5bc9&cookie_enabled=1&bc=31&abxe=1&lmt=1637597056&dt=1637597056097&dlt=1637597055321&idt=430&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1087&adks=2638305364&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x30&msz=370x30&ga_vid=613568965.1637597056&ga_sid=1637597056&ga_hid=1937162484&ga_fc=false&fws=4&ohw=370&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

106eb783b9848548d8dd1e2a4b5420ad5e6282da83d7c4be902aebba69bb665e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11608
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 134ms
133ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69231929235010&correlator=3181248806032827&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22309610186%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C11x11&fluid=height&prev_scp=pos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FLL%257CT-1000%26iid%3Dunit%253Dsharethrough-top%257Cvguid%253D46f03238-12ed-4d41-b892-3369670a5bc9%257Cpv%253D1&eri=1&cust_params=test%3Drelated_rr%257C1%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cbanking%252Candroid%26mfr%3Dgoogle%252Cats-communications%26tag%3Dmalware%252Cbanking%252Ccyber-security%26prodtype%3Dandroid%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-banking-trojan-sharkbot-makes-waves-across-europe%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Db%26pv%3D1%26ftag%3DCOS-05-10aaa0g%26vguid%3D46f03238-12ed-4d41-b892-3369670a5bc9&cookie_enabled=1&bc=31&abxe=1&lmt=1637597056&dt=1637597056102&dlt=1637597055321&idt=430&frm=20&biw=1600&bih=1200&oid=2&adxs=215&adys=1285&adks=697432828&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x150&msz=770x0&ga_vid=613568965.1637597056&ga_sid=1637597056&ga_hid=1937162484&ga_fc=false&fws=4&ohw=770&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3c84c94e70bd37564096b570ff0a98dbc422b0fded8d2cf43bf2fa26e11a35b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10063
x-xss-protection: 0
google-lineitem-id: 5823350303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371350639
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
19 KB 438ms
437ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69231929235010&correlator=543245251906768&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22309610186%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3Dbottom%26sl%3Dmpu-bottom%253FLL%257CT-1000%26iid%3Dunit%253Dmpu-bottom%257Cvguid%253D46f03238-12ed-4d41-b892-3369670a5bc9%257Cpv%253D1&eri=1&cust_params=test%3Drelated_rr%257C1%257Ca%26buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cbanking%252Candroid%26mfr%3Dgoogle%252Cats-communications%26tag%3Dmalware%252Cbanking%252Ccyber-security%26prodtype%3Dandroid%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-banking-trojan-sharkbot-makes-waves-across-europe%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Db%26pv%3D1%26ftag%3DCOS-05-10aaa0g%26vguid%3D46f03238-12ed-4d41-b892-3369670a5bc9&cookie_enabled=1&bc=31&abxe=1&lmt=1637597056&dt=1637597056105&dlt=1637597055321&idt=430&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1407&adks=3625754864&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x250&msz=370x30&ga_vid=613568965.1637597056&ga_sid=1637597056&ga_hid=1937162484&ga_fc=false&fws=4&ohw=370&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9ee1fd501edebb80562e0856e95252de088d4ff0f753672c22d0f4096871d655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19333
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 353 B
527 B 105ms
36ms Script
text/html 18.171.9.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&callback=MoatNadoAllJsonpRequest_42555947
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.9.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-9-184.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 035b260b05b3b5a0a62054408a3ef45b2b39e589fd55ff8c02cc86178ceb8424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "f91ad0e503bcd3bae2401ec622ab30201879cc8c"
content-length: 353
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 96 B
269 B 121ms
38ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=829956556486&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=1&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=478205740&cs=0&ord=1637597056115&jv=463228357&callback=DOMlessLLDcallback_42555947
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: f20dbee1e70d8390ce94c0ed81f80d1578b79ed3f3699b574942c63cc2bcdab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "eb8a813fcab952af25e9aea42edf242ff8404d5b"
content-length: 96
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
272 B 117ms
36ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=829956556486&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=2&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=1755852299&cs=0&callback=MoatDataJsonpRequest_42555947
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 94afe7062a05c16236aa62c120d3fe0790661086cbd242a2130beacce19234e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "332d0f4874ecab02330f58ba319ade5b73e3f7e5"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
43ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H/1.1 204
No Content / Show response
684dd32d.akstat.io/ 0
354 B 92ms
70ms XHR
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32d.akstat.io/?h.pg=article&h.ab=related_rr_a_1&when=1637597056045&cdim.Site_View=desktop&t_other=custom4%7C728&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=eb82793b4390d69280d5a14a643c6e41f71fce9a-d759083d-800602a4&h.t=1637597055533&http.initiator=api&rt.start=api&rt.si=098dcc78-0053-4f6f-937d-1f4a7061075d&rt.ss=1637597056421&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 16:04:16 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2 200 zdnet+1820f8a7-82a0-419e-967f-f89506886748.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 66 KB
67 KB 11ms
11ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+1820f8a7-82a0-419e-967f-f89506886748.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a5bca99152b0f9454e121f2650f9609147fcca8a6b5e499952035617948371bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 3663
x-guploader-uploadid: ADPycdsyLmFdxsKAGlt7Rix2W_RuftkBo17MckrRPmFqL6Lyba1iCMpBKHZB2B3nbPahvurG5aMlryjAWV23netE7Bw
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 2
content-length: 67899
x-served-by: cache-chi21173-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 16:34:33 GMT
server: UploadServer
x-timer: S1637597056.183081,VS0,VE0
etag: "71562dd332e74d8ed63ed7153ca1a752"
x-goog-hash: crc32c=hje/xA==, md5=cVYt0zLnTY7WPtcVPKGnUg==
content-type: image/png
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:01:34 GMT

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 319ms
105ms Preflight 34.199.156.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.156.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-156-235.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.7.4.post0

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 205ms
160ms Preflight
text/html 2606:4700:3037::6815:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvbmV3LWJhbmtpbmctdHJvamFuLXNoYXJrYm90LW1ha2VzLXdhdmVzLWFjcm9zcy1ldXJvcGUv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-type: text/html; charset=utf-8
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yd9RSrpxgF%2Bbt7pvMzyDilbv2mLBnAX3d1QV6GqGy51wy6vl%2BEQUMCh7lka6pSG9sRo59Z0YuSAHts0blht95IECRjaENskN4Lg%2BzvY%2BYMlqIYn2%2BJVlfi0MWql8cfTCXBN%2B95Mg2RChilq0a3cG4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6b236481abe6432d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 inlineMedia.css
static.myfinance.com/widget/ 3 KB
2 KB 40ms
26ms Stylesheet
text/css 2606:4700:3030::ac43:b431
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:b431 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1829
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: RM9EMK8GHMB7NW7G
x-amz-id-2: rO4/tb/v63P6c/qJxa0JBYiRUj2pmFCIHFUoYyKlU+xVn/UKNLDsHpQEB0iQ2jT47cP+krHxRTQ=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1kVpboN%2BRV62I6%2BWeSXDgy8z9kOe3pZhcpqSumyx9hmBqZ%2BSrctMfMIRzHiT6YvSNw1%2B5L4TDMxmP8PNsW7ujY7VX7Kkz4hPhM5FNmyJtRaqV0OEpTBKgXH8NMA8GdC%2FCv7clP9RNCQSfgW162szK7KNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6b2364816f174a8c-FRA

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 135ms
134ms XHR
text/plain 34.199.156.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.156.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-156-235.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H3 200 v1.5 Show response
www.myfinance.com/api/au/ 1 KB
1 KB 234ms
223ms XHR
application/json 2606:4700:3037::6815:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvbmV3LWJhbmtpbmctdHJvamFuLXNoYXJrYm90LW1ha2VzLXdhdmVzLWFjcm9zcy1ldXJvcGUv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cff7bfde110434ccdb2ef8e1ec164a255a7eee40baa8ed851559d26e2d9161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgB7n8J0Ce8L3QkRhDjn%2FBW6X25IZffhhrKxELVS9XqfjFteTzYKRxOsFTd6442d7Su1oUqN1vXpNi7T5IRkhn53hEkLth71ujLtGoeQZ9mM%2B%2FES4UhsQMDgAjcmFxKW46lkGUjFfbTNFVXjDVXleA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
access-control-allow-origin: https://www.zdnet.com
vary: Accept, Accept-Language, Origin, Cookie
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b236482ba917021-FRA
expires: Mon, 22 Nov 2021 16:04:16 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 332ms
106ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 329ms
107ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 328ms
107ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 327ms
106ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 149ms
148ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: 914a1e5fb452f9eaa15950cca99676679420af1fbd5f033e9c243f1de4128849

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 129ms
128ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: b87c45f1d64779700f784d84c40cdb0c358a056258ef43318ee7b7c3c07ee51b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 130ms
130ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: f77d9714c6b72e642d375ea5dccf7925440a5fee7c37114262b5020454a18d14

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 116ms
115ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: 15f76772a89434e406eecaeef78f5afee1dbdd1d227487dbe0d6a00f9bfd2f4d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 xs1.html Show response
cdn.cohesionapps.com/cohesion/ Frame B117 2 KB
1 KB 10ms
9ms Document
text/html 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

content-type: text/html
last-modified: Thu, 18 Nov 2021 13:26:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Mon, 22 Nov 2021 03:19:18 GMT
etag: W/"10b2c1751c2247b1aeccc91060f971cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Cc3c4K1xhCwiLdipICdr5p5NCzu66p7I-B0Mpyvf-irmBhrIJkXEhw==
age: 45903

GET
H2 200 public Show response
taggy.cohesionapps.com/implementations/ 8 KB
8 KB 113ms
113ms XHR
application/json 52.7.5.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.5.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-5-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0a830965bf0ca79c75b43b1daac3fd85af97805d62d551b7773792b2a9eac461

Request headers

Source-Key: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Page-URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
x-powered-by: Express
etag: W/"2036-w2pJk5XK3C/Qt0xt8xobw0SHNLc"
content-length: 8246
content-type: application/json; charset=utf-8

OPTIONS
H2 204 public
taggy.cohesionapps.com/implementations/ Frame 0
0 355ms
111ms Preflight 52.7.5.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://taggy.cohesionapps.com/implementations/public
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.5.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-5-26.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,page-url,source-key
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,page-url,source-key

GET
H2 200 zdnet+fa2f3639-9276-4a24-889a-d265cf546d93.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 186 KB
186 KB 18ms
17ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+fa2f3639-9276-4a24-889a-d265cf546d93.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa891f09153fae1df0c870f2452ef8c9e1e25625eb3596e227f0d533f3644cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-guploader-uploadid: ADPycdsxAC5zliUE9Z5fYDcoZBbqPVNzjQb0S86-Mq9HvNezYFc3XEtoxHlW4Mmrsw7r8PBXZKwxuDKcMd3rto_hYGOjeeZDHA
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 0, 1
content-length: 190493
x-served-by: cache-chi21124-CHI, cache-fra19141-FRA
last-modified: Thu, 11 Nov 2021 10:18:16 GMT
server: UploadServer
x-timer: S1637597056.258426,VS0,VE0
etag: "e14bdf87d66c7b0f5c3a1dde451a38e2"
x-goog-hash: crc32c=BLds9w==, md5=4Uvfh9Zsew9cOh3eRRo44g==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:15 GMT

GET
H3 200 container.html Show response
85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A4E 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 16:04:16 GMT
expires: Tue, 22 Nov 2022 16:04:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zdnet+aacd1659-9051-42bd-8a75-a059081d0958.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 290 KB
291 KB 8ms
7ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+aacd1659-9051-42bd-8a75-a059081d0958.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9f4b2bd8b5636a2efd3f471694a3f7ff2dd3451e9bd7fc3daa3d3dd41607398c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-guploader-uploadid: ADPycdv2xgy4xPBRvphjHiU_TRI_PIIBzhWuIJc4rr9J5cnL2QQqxSanJcNbulrYBigacRlvT2vUsqmku1hvq67JKnVwJJukxg
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 0, 1
content-length: 297151
x-served-by: cache-chi21138-CHI, cache-fra19141-FRA
last-modified: Wed, 10 Nov 2021 17:13:22 GMT
server: UploadServer
x-timer: S1637597056.301225,VS0,VE0
etag: "655d83a84d0e3e7f28f7f3f8fb6ab0b6"
x-goog-hash: crc32c=nm7odQ==, md5=ZV2DqE0OPn8o9/P4+2qwtg==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:15 GMT

POST
H/1.1 200
OK NRBR-a22c617a7b2aab2da1c Show response
bam-cell.nr-data.net/events/1/ 24 B
501 B 138ms
137ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRBR-a22c617a7b2aab2da1c?a=695782443&v=1212.e95d35c&to=NgYBNkBYWEEEAURQWg9MIgFGUFlcSgNCTVwCDwY9QVBYVQkH&rst=1712&ck=1&ref=https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 22 Nov 2021 16:04:16 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6b236481e8934a68-FRA
Content-Length: 24

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AC8B 12 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 15:49:35 GMT
expires: Tue, 22 Nov 2022 15:49:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B379 783 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d9f5324cc8086574958194a80c0c709dcfd3d797620de8b9fa151dd26f98dc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XTg1YhriMVecaunIzRBePg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 22 Nov 2021 16:04:16 GMT
date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XTg1YhriMVecaunIzRBePg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xs2.html Show response
cdn.cohesionapps.com/cohesion/ Frame B117 473 B
835 B 8ms
8ms Document
text/html 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cohesionapps.com/cohesion/xs1.html

Response headers

content-type: text/html
content-length: 473
last-modified: Thu, 18 Nov 2021 13:26:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 21 Nov 2021 22:21:43 GMT
etag: "ffa03bed298484a7755ca23c5431cb28"
x-cache: Hit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vLAvBHznXcD6rMfcVCi8cIBwwtZneRAvqAZxIZztWcOaHrArEiaDaA==
age: 63757

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6A4E 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Nov 2022 11:48:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A4E 4 KB
1 KB 48ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&lang=de

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:04:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 16:04:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H3

200

B26699368.318388975;dc_pre=COCb07asrPQCFSLmuwgdtN0Pzw;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/ Frame 6A4E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_pre=COCb07asrPQCFSLmuwgdtN0Pzw;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rd...

42 B
65 B

45ms
30ms

Image
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_pre=COCb07asrPQCFSLmuwgdtN0Pzw;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1153793.3518201CBSINTERACTIVEUK/B26699368.318388975;dc_pre=COCb07asrPQCFSLmuwgdtN0Pzw;dc_trk_aid=510968212;dc_trk_cid=160531770;ord=1943016608;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2313958552335286199
tpc.googlesyndication.com/simgad/ Frame 6A4E 838 KB
838 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2313958552335286199?

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b505f5d393b6b62983f657a23b1e1919e169a34141db106f666a7099248a6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:55:24 GMT
x-content-type-options: nosniff
age: 432532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 857621
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:32:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 15:55:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A4E 119 KB
37 KB 103ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 6A4E 335 KB
112 KB 8ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f40e742b5c3fbfe8b422267d62427039ea3fc64f314e0507ad8f9418069b5796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 17:56:16 GMT
server: AmazonS3
x-amz-request-id: 0YXEKRETNSDAW5KG
etag: "f312b221978540b1bae8fcc427275c6d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37975
accept-ranges: bytes
content-length: 114431
x-amz-id-2: C2t+mu2GZvJNKTG4eZ/V+8bR1oCrooil5vrwV8fQM0MPX2xFEpH5YHFIGiF07pva+kqFl1UYyJI=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 20B2 189 KB
55 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 20B2 13 KB
5 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 589920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 20B2 89 KB
28 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 469469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 20B2 5 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 20B2 40 KB
13 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
DATA 200
OK truncated
/ Frame 20B2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d822764234aff49119c215a88e3a6570111a715b17ba3511170067b7443b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 52ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6NzI4eDkw&v=5&s=v31fl4683d9&sb=-1&h=www.zdnet.com&cb=2126705&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZOekk0ZURrdyIsIndkIjp7Im8iOjI4NzA3ODYwNzUsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 16:04:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 14271716927412036810
tpc.googlesyndication.com/simgad/ Frame 20B2 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14271716927412036810?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmNAAvSZFHYelD_4FU1QKTZk6-GOw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8542bf67ba9c4f606f81e7712ae864ab488925129decdba1932ffbbffd44c126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 10:03:39 GMT
x-content-type-options: nosniff
age: 280837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4843
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 09:58:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 10:03:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20B2 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 71340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 22 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20B2 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 37242
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 20B2 0
0 36ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOLMvBpyFzsfY4GBpMNDdvHC_ys-d_ZwLfr4ZJWJfAmzp7KAzOnlyteK--sptNJOdnlwPJxRIQdGN-L1pMymbP6sZghA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 20B2 0
0 55ms
54ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3MjngL-bYdXfA5TV7_UPtIm8gAPRhs_PZrqf1Pn0DpbTy3kQASD3u8eDAWCVgoCAyAegAf-lgIkDyAECqQITIuCyIOqyPuACAKgDAcgDCKoE2AJP0OA9K0RurCRyp8miX1-NiaUEnG_b3picH1xWju0CwEwHk3n8XHJNeSyfObTwaUI8FymZCxRE9OnYJizdi6Cz3i89IciBq7LxDAXRQnPuDsCT_pIWNu3V0Xp9kzLQhy9Zu8lZmVAIk2ucPA-yCPTLHBbmIAaI9sPDGzFpgOIo1h1LJkxZ9aQuP2Og8xglZELwc8aKFKDkyTuB-qJykDg7Z4lSpY3q6dBQ7Y5wQxHnxdF9zxcNMbFNtO7ZSPQm9bZrK1OMldL3Fao1IuUWHi6b0niOzZpCXwQoO4Hwtf95A0BaZLH516pIiG6vdYIhKPqi8-KOLFaL2Bvf1siKJlQvoIzsVUD_ZfRgRRJacK5qn2PVQQqgIiKp92CsRYGZCcTnmSSdZHxU4JE8VRO12uq-RseU0Pf2o9OVGfd3j_DRQTo2uiZ3Zd0OkWlB12AKafegbYGvMaustcAE4K3xyvYD4AQBkgUECAQYAZIFBAgFGASgBgKAB-nZ_3aoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDgwCTSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODgyMDM2MjYwNTcxMTE5NhjJm3o&sigh=jsiV5Cu2Hhw&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&rx=559297423070&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=3&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=aw-zdnet&bd=security&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=429259230&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:16 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 106ms
103ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 150ms
149ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: 514cde76833bbb8f2303b54be841b31d44d54a70e552dd317d0c2e43681740d4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 131ms
131ms XHR
application/json 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash: 816c5b4567ad1085a3755393c050814529c332dbfbefeaa89f59dd7b2c4ac7a4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Accept-Language: de-DE,de;q=0.9
Authorization: Basic d2tfMWtZc0FkSHN4MVhWd1Q1RWJYOU9RWWw0bkpNOg==
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 111ms
104ms Preflight 184.72.183.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.183.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-183-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A4E 0
0 52ms
50ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXWyNb-2WQ5LPnrgip370Tuwm4vltriMC0EqL56NZHdGi-6d5OSJ7nm8XD8ji8wt_d8vN6KssyylHx_aXlk0XNSGcF-sI9OwkchuUXPszD7pF5NT7LXhorjnyZeYFpgCuhFo1Y3hJCUsblygIREwxQT_A5njoGCAzsFaQV1gVie1Uuvkhqbk-vIT4lfHnO6qCV2H4i9O77aKv2x4vSF62JZ_HZhUOGS0qhHbghO0u8F5-dIz78azXMF6k0QeyijzKjT-6jC_xMiijYD1T0nFa2ZsfD7tK6ly520K0IspG0Ndhg0GdKyicaSz6IXDwExQXn4GirBg&sai=AMfl-YT8cn_dnKGsMH1tD8jWrb524lnyJvStpcx6X2mdCOVPCen_7pZitfKZG2XLz_V4ovn76NF1n3Ve2S6DzOh4QsN8TLs1J8_JBA_Hg4kp-HWZ1--TaO2InYXYgmE7Gq4&sig=Cg0ArKJSzAy8Pvp7JIn4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6A4E 15 KB
16 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 267868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6A4E 15 KB
16 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 425277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B379 0
0 60ms
45ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=69231929235010&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 00AB 189 KB
54 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 00AB 13 KB
5 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 589920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 00AB 89 KB
28 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 469469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 00AB 5 KB
2 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 00AB 40 KB
13 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 00AB 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 71340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 22 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 00AB 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 37242
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame 00AB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae082ab699acd7d8674e1c8796930d21b314aa7959704c0d26e82c6f07084f4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 12ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6MzAweDYwMA==&v=5&s=v31fl4683ft&sb=-1&h=www.zdnet.com&cb=1291408&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyODcwNzg2MDc1LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 16:04:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 460918785823631131
tpc.googlesyndication.com/simgad/ Frame 00AB 80 KB
80 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/460918785823631131?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkHQ5HSt9eOFqvscvXWvCS7-0izbg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52a334839997f9a6b5058a4034dbc89651c7ab64d3eef1f3bf77f9334e32bc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:12:24 GMT
x-content-type-options: nosniff
age: 503512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81830
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 01:22:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 20:12:24 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 00AB 0
0 54ms
54ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkmzRgL-bYeH1CJnh7_UPy7-6mAmd_rPEZsO30-eIDZbTy3kQASD3u8eDAWCVgoCAyAegAa73mdIDyAECqQJZH4gRpIyqPuACAKgDAcgDCKoE4QJP0KJVzkYBKWi1JVhSxEZyAV-QX9qHpmCL2BHYTuyz8JE3ylBv3kPTReaBPMVaVmmQ1Jk32T1N7O7W_I9hXstQFZY1KPjKKHWRCc-j1q0qtBcSabpNuSF1wOoGl0FEe7fnjTr08fb9NHCZN-l2UkJW1PlL9oDDNAm2RZTAjY8V7hgQFmo0nWQz1vizGk9Q3d2PqpmE3bDUrCOG3w4dSgfa5kVcBWVCjbbb7ZBg7X3m5g4HBB0T0cw9_wITRRIXVcUbdtAH0Evxs9UQHLlGFCiSHoRLQqOg82ZZrusdg9aa4PTM--5boUl7Cz5U07eTeagR959t289d5oyKjEowfc4uveuCZdXm_p-8KDxwxP-X84dpKWZJoi85QuId8w2rQnqMMzLwMMU-VNIzfD6IRo0KL-OVVS9LR-ZRg88Y1iJ7iocgjNyzMYDievf3SIWl-bNyBwA-uSnyVCY8Xg9vXO7rYMAEpNjm7cQD4AQBkgUECAQYAZIFBAgFGASgBgKAB7qI5i2oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDovBjSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODgyMDM2MjYwNTcxMTE5NhjJm3o&sigh=tG0hjQm9MuY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&rx=559297423070&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=4&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=aw-zdnet&bd=security&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=1512991423&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
DATA 200
OK truncated
/ Frame 6A4E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af8fb029061e1df61de7659ae089d32efccef1dd44ab5c732187621b7cb5fe20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 6A4E 96 B
269 B 38ms
38ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3408615744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-1Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=770&qe=121&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=REDVENTURES_GAM_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&bo=22308610192&bp=22364980590&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=COS-05-10aaa0g&zMoatSZ=0x0&zMoatPS=top&zMoatSZPS=0x0%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.zdnet.com&lp=https%3A%2F%2Fwww.zdnet.com&t=1637597056568&de=820238277060&m=0&ar=b4494b788bb-clean&iw=5b2ce75&q=2&cb=0&ym=0&cu=1637597056568&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5029661432%3A2929336068%3A5823350303%3A138371350639&zMoatW=0&zMoatH=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatSN=b&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=3&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980590&dfp=0%2C1&la=22364980590&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A87%3A-%3A0%3A0&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=195602&na=636635414&cs=0&ord=1637597056568&jv=28551959&callback=DOMlessLLDcallback_7413979
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 527dc53f94ab0f44263231857f9318476af93b8d35df919e53393f6ec61c90f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "b5409040f8f124c33cd9f7cf82c76b37fe1f9b4b"
content-length: 96
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 6A4E 98 B
270 B 40ms
40ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3408615744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-1Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=770&qe=121&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=REDVENTURES_GAM_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&bo=22308610192&bp=22364980590&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=COS-05-10aaa0g&zMoatSZ=0x0&zMoatPS=top&zMoatSZPS=0x0%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.zdnet.com&lp=https%3A%2F%2Fwww.zdnet.com&t=1637597056568&de=820238277060&m=0&ar=b4494b788bb-clean&iw=5b2ce75&q=3&cb=0&ym=0&cu=1637597056568&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5029661432%3A2929336068%3A5823350303%3A138371350639&zMoatW=0&zMoatH=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatSN=b&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=3&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980590&dfp=0%2C1&la=22364980590&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A87%3A-%3A0%3A0&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=195602&na=2029909943&cs=0&callback=MoatDataJsonpRequest_7413979
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 2e69746041c55bf0f480952a7d1140cb5fddae77ffdc4ff455c187ee5af87397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "3c176afedca7e401bdacfec2ae557400d36ef692"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 6A4E 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&bo=22308610192&bp=22364980590&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=COS-05-10aaa0g&zMoatSZ=0x0&zMoatPS=top&zMoatSZPS=0x0%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.zdnet.com&lp=https%3A%2F%2Fwww.zdnet.com&t=1637597056568&de=820238277060&m=0&ar=b4494b788bb-clean&iw=5b2ce75&q=4&cb=0&ym=0&cu=1637597056568&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5029661432%3A2929336068%3A5823350303%3A138371350639&zMoatW=0&zMoatH=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatSN=b&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=3&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980590&dfp=0%2C1&la=22364980590&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A87%3A-%3A0%3A0&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=195602&na=1977802588&cs=0
Requested by: Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2 200 zdnet+9785e807-14e2-4311-a6cb-2a1f0019704d.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 1 MB
1 MB 8ms
7ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+9785e807-14e2-4311-a6cb-2a1f0019704d.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6e613560cec9fd4e47e04029561769e9e9d4f28d0592b217f007772f00348cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 566
x-guploader-uploadid: ADPycdt-YMVVyvdqBvS8oyyuFfoNE0MBw9DIKbjCr7Yjj1nVFQHr9BUaSnJ01pQs1v99wH0cjKH6h7PHSuGgYBVTgTM
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 1108501
x-served-by: cache-chi21152-CHI, cache-fra19141-FRA
last-modified: Thu, 30 Sep 2021 12:13:16 GMT
server: UploadServer
x-timer: S1637597057.638734,VS0,VE0
etag: "771cd46176f66e8369b8d0c7e1c4bf31"
x-goog-hash: crc32c=z8YEQQ==, md5=dxzUYXb2boNpuNDH4cS/MQ==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:54:49 GMT

GET
H3 200 container.html Show response
85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B49 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 16:04:16 GMT
expires: Tue, 22 Nov 2022 16:04:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame D710 189 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D710 13 KB
5 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 589920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D710 89 KB
28 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 469469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D710 5 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D710 40 KB
13 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D710 4 KB
618 B 32ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 14:19:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 16:04:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D710 4 KB
618 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 14:08:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 16:04:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D710 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 71340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 22 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D710 295 B
319 B 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 37242
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 05:43:34 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 12ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6MzAweDI1MA==&v=5&s=v31fl4683n2&sb=-1&h=www.zdnet.com&cb=5920888&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODcwNzg2MDc1LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 16:04:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12923064811196524900/ Frame D710 21 KB
21 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12923064811196524900/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qmMd8af3ZiJw1uOO3r7cjjHC8vPxw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8986c8a27ea34a01d82f0e858982f1214fa530a8f95fa818c7425cce2202c975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 07:01:07 GMT
x-content-type-options: nosniff
age: 205389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21774
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 21:30:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Nov 2022 07:01:07 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17628851800959169786/ Frame D710 12 KB
12 KB 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17628851800959169786/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qmzD34UcDyHPZrlDI6G5b_zGd_yYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ce79bea7fb9c262fd38c6aaf63dca35853a485decd7be1c09c88522d29504c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:06:37 GMT
x-content-type-options: nosniff
age: 449859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12713
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 15:58:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:06:37 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D710 0
0 49ms
48ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ6GcgL-bYd3cCOKj7_UPn464mAX7m9fBZqzUiNjRDpbTy3kQASD3u8eDAWCVgoCAyAegAcj-oPgDyAEG4AIAqAMByAMKqgTWAk_QxAAu9PdgwlxbzKOzkhZPBEBY9BYZedM3Qk9TqKXc7VKr_LLCuySaHGEjpuGI-Tx2Gwe2aoIJlt6lVZU5Ay7WVq4fZQAnElkGNkCPiDr-6cIlE_qwZI4OF2uZ-7cTZo_4w3Uvd9P-zrPj9Uh-DnM2Yfrzo6nKhUkUsVxOLFqKDHA8BCQKYLjCMCLJkX5GTtr-hJnWtMdHxtxPmvvctKSe428JwnWGMSAVTAcwpXtS01g96gdeyWCe0UoA1OXcuL54DreBn14Ebcwe-pgTDE8mu7q4HX5G-g2zhIntfLSovgBbm5ETRkvKD2Ovg-Dz3EI1x77vVJLigq01IRxgva6Vlxl5GNr1Dnn9Zey7MkGzAgRRFwaf5OccMwVeiLmXYQDEfKgxNmTVE6_aXFymGuBnfJYGB8uypoAXFYmQe0NYwXEhbiKcFYsBPExscYBoKTffRU966sAEg5qq2fgD4AQBoAY3gAeggd8HqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQx90Q0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQK0BUBmBYBgBcBshceChwIABIUcHViLTg4MjAzNjI2MDU3MTExOTYYyZt6&sigh=tV0PpRUEk44&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame D710 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtQUj-tutzBzhX8KojH-BxRFPkKpzZ-GmkjXDSvN3kYCxPQFGFWye1IU-JqtWYkndIa9tbCxbMVgaW2RXYZpKKF_i-9g
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D710 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec960d20bf77ffa7878ef85052bd131ccbc4730e5c8b3741b9d782f04f9a1a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A4E 0
0 45ms
45ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsva4d1vbgPNpBw_uxYqcGazMLdrY5TCJTS1R0R9nh1McS0FHlr6UZ6Bfb71qO6M7pbZhpFL7L6TyFiH1BKJhoUPjrcW7dVKHKNkR5XkShot2almQTcB5h8ySe8lR36XxK4kme6GQK_suMAbIKKRING0s2FrG5RjgTYWTuGhOnOXshy1iZHRLPi8V2hA1df6vh_w7VzOhhQgn-tEzN8vcTZXUv4mus-Wf2GAzTO4-IVPjwTGttlP4NepI0gBX_qzVru8Kwb5WvfIZgsxnMp3YP2jL4nxjXxoRRf-59zzlGlGg8FxQRuqLMHxblE6XdHrgJZhE3Qb-U39&sai=AMfl-YTp5J3WKZNL_Gk0_K6yp-L5FPjIx7fBraGhcWLsEvYkavK2te73X5xnxbVmmXLEDGX2eKTuyV4H_KD_Hzy_PFjEuaVHdi-82S-udZ63p-GC4zH4OnBPL_aPJoQbnkM&sig=Cg0ArKJSzCCmdRjcsCLHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame AC8B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:45:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
13ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=871818286955&rx=559297423070&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=5&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=aw-zdnet&bd=security&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=bottom&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-bottom%3FLL%7CT-1000&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=1069907420&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 20B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

150ms
48ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14271716927412036810
tpc.googlesyndication.com/simgad/ Frame 20B2 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14271716927412036810?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmNAAvSZFHYelD_4FU1QKTZk6-GOw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8542bf67ba9c4f606f81e7712ae864ab488925129decdba1932ffbbffd44c126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 10:03:39 GMT
x-content-type-options: nosniff
age: 280837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4843
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 09:58:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 10:03:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20B2 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Nov 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 71340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 22 Nov 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20B2 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 37242
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Nov 2021 05:43:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D710 15 KB
15 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 267868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D710 16 KB
16 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 525736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 14:02:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=298293411447&rx=559297423070&m=0&ar=7e5b6a28623-clean&iw=a0d9f77&q=6&cb=0&cu=1637597056115&ll=2&lm=0&ln=0&em=0&en=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&bo=aw-zdnet&bd=security&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&zMoatpos=middle&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-middle%3FLL%7CT-1000&pe=1%3A824%3A824%3A831%3A784&jk=-1&jm=-1&fs=195794&na=1312606349&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 00AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

438ms
336ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2B49 0
0 59ms
56ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWEkVgL-bYez7CO_G7_UP4o--iA2P1465Zv376_3lDtvZHhABIPe7x4MBYJWCgIDIB6AB0Ki7ugLIAQLgAgCoAwHIA5kEqgTZAk_QZsqN8ug4-t83CEJ3dD8BBC1ID6JEWhHX-JGBF6oJN6UWb6eIWQ-0mexNTPxb-bCE3oSI0tu5UWL80ppbFACpMKxZKpgrZNyEm1vbv8B9wbLUCyB4E7tIv6heLVBbkreaibpwUEoaAS30Hhr_Wa7cobLHB4Tztm6_XzAsTBN2xeKWaKfQqB_kYs2Ms5zx7fHUfTXcunQaudJdQLcOUb5RY1N_16agx5Y_GcKMnCXXI4IvObJvknYmaBsae0N7bTcWBFsXP7c5htT3kvpMNdO8VuEiaqdWyTCY3OtG-ERbnxmEJjihrQKxoti2RK-7vdBOnOBd96q4sNmn_PakEKCqw6OaoYiMvyIGVwH_xHFUmaBr00lRR8m9h4JvQ6UgP91Qf7o90MUPSe-9x1K3zUHCu64GaOUoR9nLbEJkV2xRCM2vUS0jOFjDnUthLqG8B6BzFhqxQCn-0sAE0prWgecD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5C0ocUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQnrcr0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTg4MjAzNjI2MDU3MTExOTYYyZt6&sigh=AF3bbjkURwA&uach_m=[UACH]
Requested by: Host: t.co
URL: https://t.co/d9CJB4DUN3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2B49 19 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 15:59:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2B49 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 15:58:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B49 119 KB
36 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 16:04:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2B49 15 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 16:01:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2B49 27 KB
11 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 02:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 02:53:02 GMT

GET
H3 200 9173371317227123334
tpc.googlesyndication.com/simgad/ Frame 2B49 46 KB
46 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9173371317227123334?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmldnRAE3vI9vK-aU-rCKZ1HJyAfw

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1472fdfcf7336fd1e43589cc1663eab224de820c944d12e7e9563a6b9b6b529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:49:49 GMT
x-content-type-options: nosniff
age: 432867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47080
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 07:19:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 15:49:49 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 2B49 68 B
345 B 12ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_SjNVWEZlZTF4Y2xZLWJmRmxXaDFtSVpfcGhVLzI4NzA3ODYwNzU6MzAweDI1MA==&v=5&s=v31fl4683te&id=eyJkZnAiOnsiYWQiOjUwMjQ0OTY5MTEsImMiOm51bGwsImwiOjAsIm8iOjI4NzA3ODYwNzUsIkEiOiIvMjIzMDk2MTAxODYvYXctemRuZXQvc2VjdXJpdHkiLCJ5IjoyODkwNzIsImNvIjowLCJzIjoibXB1LWJvdHRvbSJ9fQ%3D%3D&sb=undefined&cb=7429481&h=www.zdnet.com&d=eyJ3aCI6IlNqTlZXRVpsWlRGNFkyeFpMV0ptUm14WGFERnRTVnBmY0doVkx6STROekEzT0RZd056VTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODcwNzg2MDc1LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 16:04:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D710
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

430ms
336ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
Protocol: H2
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Nov 2021 16:04:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 43ms
13ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=122&fi=1&apd=243&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=227713099391&t=meas&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 37ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=122&fi=1&apd=243&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=227713099391&t=fv&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 35ms
6ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=122&fi=1&apd=243&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=227713099391&t=nht&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14271716927412036810%3Fsqp%3D4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg%26rs%3DAOga4qmNAAvSZFHYelD_4FU1QKTZk6-GOw&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&cu=1637597056115&m=893&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=122&an=0&gf=122&gg=0&ix=122&ic=122&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=122&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=243&cd=0&ah=243&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=3&jm=-1&tc=0&fs=195794&na=946835762&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 30ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=139&fi=1&apd=260&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=227713099391&t=hdn&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 23ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=22&fi=1&apd=43&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=134299799349&t=meas&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=top&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-plus-top%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 26ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=22&fi=1&apd=43&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=134299799349&t=fv&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=top&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-plus-top%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 28ms
27ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=22&fi=1&apd=43&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=134299799349&t=nht&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=top&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-plus-top%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F460918785823631131%3Fsqp%3D4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg%26rs%3DAOga4qkHQ5HSt9eOFqvscvXWvCS7-0izbg&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&cu=1637597056115&m=949&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=22&an=0&gf=22&gg=0&ix=22&ic=22&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=22&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=43&cd=0&ah=43&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=3&jm=-1&tc=0&fs=195794&na=2022521037&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67B3 143 B
426 B 10ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 15:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2B49 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1515534809a50b5a7f5cc377a64079e7af7890fd66544868dcfdf03ed41f9a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ Frame 6A4E 43 B
260 B 24ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=90&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=zdnet.com&L1id=5029661432&L2id=2929336068&L3id=5823350303&L4id=138371350639&S1id=22308610192&S2id=22364980590&ord=1637597056568&r=820238277060&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FLL%7CT-1000&moatClientSlicer3=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ Frame 6A4E 43 B
260 B 20ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=90&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=zdnet.com&L1id=5029661432&L2id=2929336068&L3id=5823350303&L4id=138371350639&S1id=22308610192&S2id=22364980590&ord=1637597056568&r=820238277060&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FLL%7CT-1000&moatClientSlicer3=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 6A4E 43 B
260 B 12ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=&sgs=3&bo=22308610192&bp=22364980590&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=COS-05-10aaa0g&zMoatSZ=0x0&zMoatPS=top&zMoatSZPS=0x0%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2313958552335286199%3F&i=REDVENTURES_GAM_DISPLAY1&ol=3408615744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-1Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=770&qe=123&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=78&w=150&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=3&f=1&j=https%3A%2F%2Fwww.zdnet.com&lp=https%3A%2F%2Fwww.zdnet.com&t=1637597056568&de=820238277060&cu=1637597056568&m=587&ar=b4494b788bb-clean&iw=5b2ce75&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=123&le=1&lf=215&lg=1&lh=147&gm=1&io=1&ch=0&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A87%3A204%3A719%3A333&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=90&cd=0&ah=90&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5029661432%3A2929336068%3A5823350303%3A138371350639&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980590&dfp=0%2C1&la=22364980590&zMoatW=0&zMoatH=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatSN=b&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&iq=na&tt=na&tu=&tp=&tc=0&fs=195602&na=837629888&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 zdnet+f411b441-f4aa-427c-9ef2-d12599d68c9d.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 2 MB
2 MB 9ms
8ms Image
image/png 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+f411b441-f4aa-427c-9ef2-d12599d68c9d.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f664440b22951b8c5a35f38ec7b463978c388cfe465c397f45bfbe26c50be84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 838
x-guploader-uploadid: ADPycdv9iJVKiVaIoTo2-5Ya886ApCj1rcLCQe-r35D4zzBKZdL_L6aNZsdlzjyZ5nowWuqUynby0IuBkVAYS3nw2gs
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 2358493
x-served-by: cache-chi21127-CHI, cache-fra19141-FRA
last-modified: Thu, 11 Nov 2021 11:53:22 GMT
server: UploadServer
x-timer: S1637597057.197627,VS0,VE0
etag: "f706fb6df99290700758395bf8d49ac1"
x-goog-hash: crc32c=RKfsPA==, md5=9wb7bfmSkHAHWDlb+NSawQ==
content-type: image/png
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Nov 2021 15:50:19 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 16ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=165&fi=1&apd=186&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=134299799349&t=hdn&os=1&fi2=0&div1=0&ait=0&gpt_target_pos=top&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-plus-top%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 27ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=143&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=871818286955&t=meas&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=bottom&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-bottom%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 41ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=143&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=871818286955&t=nht&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=bottom&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-bottom%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=bottom&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-bottom%3FLL%7CT-1000&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2006.640625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=871818286955&cu=1637597056115&m=1092&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2006.640625&lb=3128&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=143&cd=0&ah=143&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&jk=2&jm=-1&tc=0&fs=195794&na=641000092&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 zdnet+96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe.png
media-mtml.mt.rvapps.io/image-assets/zdnet/ 2 MB
2 MB 29ms
28ms Image
image/jpeg 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mtml.mt.rvapps.io/image-assets/zdnet/zdnet+96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/a/fly/141b7a-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0233f2a52d38bb92f54e15bdcc0bfe964c74921d560de3ece5f51aaeb3c8a80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:04:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 44086
x-guploader-uploadid: ADPycdshcY6hruv6Ot5reTzK1r6PmiyCaM4TBYdCYT4jYJg4uj803-db_19UurBx9eTCCE3RowItLaFfBi9WUykZK4Y
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 2466651
x-served-by: cache-chi21140-CHI, cache-fra19141-FRA
last-modified: Wed, 24 Feb 2021 17:43:30 GMT
server: UploadServer
x-timer: S1637597057.228705,VS0,VE0
etag: "de130531b785ae1259c4eee4959fa26f"
x-goog-hash: crc32c=1hpPGQ==, md5=3hMFMbeFrhJZxO7klZ+ibw==
content-type: text/plain
cache-control: max-age=0, s-maxage=86400
accept-ranges: bytes
expires: Sat, 20 Nov 2021 03:16:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
42ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
URL: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 16:04:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Nov 2021 16:04:17 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 16:04:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 13ms
12ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=190&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=871818286955&t=hdn&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=bottom&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-bottom%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=21&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=298293411447&t=meas&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=middle&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-middle%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=21&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=298293411447&t=nht&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=middle&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-middle%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ Frame 6A4E 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=218&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=zdnet.com&L1id=5029661432&L2id=2929336068&L3id=5823350303&L4id=138371350639&S1id=22308610192&S2id=22364980590&ord=1637597056568&r=820238277060&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FLL%7CT-1000&moatClientSlicer3=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F12923064811196524900%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw%26rs%3DAOga4qmMd8af3ZiJw1uOO3r7cjjHC8vPxw&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=middle&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-middle%3FLL%7CT-1000&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=298293411447&cu=1637597056115&m=1159&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=21&cd=0&ah=21&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&jk=2&jm=-1&tc=0&fs=195794&na=2015955538&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=69231929235010&bg=!2Nul25_NAAZQLpa_UC47ACkAdvg8WlMoYVrPjz-xosgRDa1EM9c1F7beCbiLvUw8Ky6aYMwdqSekEQIAAAGIUgAAACNoAQcKACPxl3cuDIYkSuC9rmmZXFw3jUTttsGCY6aHDtutG7zvbQXT3JkCcs4lAAM-qe_Xikv2Y2tfZNzqRTPB1mgVLVIVPQc_Mx6N_f6sCGgmAfEKPPvCR5uIbIsUikWjION1GYXjQ9QR40tI6e4sFrVvh8g63EsQq_3qhJ7WISOr6fQREQgbmjQzu9Ij6QrdP-rUb-v8OZb4Cw_AM0xgMMaWKz9pXaHCrfL-Y-jyWcKPzOZMpHJ55f6J8TymwRGHOxrP36zi1gwXwTzvGB7fgNb1ndVVWUCWqRrVYyuTFoxdU38UbRO4sLquLZ-1SsFIstJQuhkLCdmdmwvhvvSViITQs0VKzwXmq-1jroK8ryEYoJF5gA7UXKkEe7XDVP54dJDfra3KQ4Z5iXIu-wbMg7w9eqBSHujnqtwFGcoq4CiU52r9qtEagdmaaZwZqYE5I8OMsTSghsZyuwv9Ozj9n12GBnHCJvZHXDb7jt9Rd-PzwdUWjytO3hqAsw-JDx8j05K1n0jXyEkczMQixKdE24N7oCmfJ-r5EUFx2ifmYXxz9SyZ1_dIJzLuVwRcgrIRcFH3fe1uMZCW6hadDUnNoBQsRyWUJzxVpFtfeVYQ4WB4AbfT021Yc5ssCoy7PKoPb64c5OOYORHwvtttKYy8R2vnOyK65XltHW3kS2DLt4qNfkBeLnXX7h54X-8b_F6fMP6gTusLQo-gG9VNiSjTneL-AF85LqQ5eEvbVujV30l1G5Sbip1xTwPlVfFUPi--zPw1YGY_krIY3knujGU3j3Pwk_M_86uySISo5dPfv6HItdzHuQO3eQqyznwo6bQslFMxP9ozc9D8lsvlzKLfEYWVPa3ktjSlT3ndJx1yvzp_snI1ctPcdUtuf-hI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=221&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=298293411447&t=hdn&os=0&fi2=0&div1=0&ait=0&gpt_target_pos=middle&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-middle%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:17 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 20B2 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstusbUGO_YCVVM_sjSE6tfAg-IeqWAAP4IygPBJdI7eQS8VpUvwn82dQXIHPH1FGDuunm2SlcwS_TGnyxi3HBdena12-f1jl21bKExkfs9ABeI3-Ev9lA&sai=AMfl-YR9GgUvJoG83iXlUxvjlslCg90qyR-gbt5JERRAAnk93qRmrsv4svWumaWAD7P7u-kKVCNb2XRPLeFGeHSdrl3e5a1G7qTke_uyBRzqZR5c9kObW0QZ-7bEScEitP-X&sig=Cg0ArKJSzAhX1L6i4iJHEAE&id=ampim&o=436,5&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=312&tls=1312&g=100&h=100&tt=1312&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3846852823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 92ms
91ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&cu=1637597056115&m=1963&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1198&an=122&gi=1&gf=1198&gg=122&ix=1198&ic=1198&ez=1&ck=1198&kw=1118&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=122&ci=1198&jz=1118&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1118&cd=243&ah=1118&am=243&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=2107594750&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 140ms
139ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1118&tet=1198&fi=1&apd=1319&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=227713099391&t=iv&os=1&fi2=0&div1=1&ait=0&gpt_target_pos=nav&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=nav-ad-plus-leader%3FT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
redventuresgamheader644747280705.s.moatpixel.com/ 43 B
260 B 153ms
153ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamheader644747280705.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=858&tet=1038&fi=1&apd=1059&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=5024496911&L2id=2870786075&L3id=5718138840&L4id=138352803033&S1id=aw-zdnet&S2id=security&ord=1637597056115&r=134299799349&t=iv&os=1&fi2=0&div1=1&ait=0&gpt_target_pos=top&gpt_target_vguid=-&gpt_target_ptype=-&gpt_target_sl=mpu-plus-top%3FLL%7CT-1000&fullAdUnitPath=%2F22309610186%2Faw-zdnet%2Fsecurity&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 00AB 42 B
64 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVmKP-34Bn0WuLhkUj0XoUdK9vAfYFF2z6jw5dvfIPREWZTBhlr5pnHL9Us5ll8nxD4zX2SGPNO0di2OarNNWgN4OiLWHCCNDX4935FK_wJtvDscbs_Q&sai=AMfl-YSdVuACJK077Mc22wp0NqPC6Vo-rNlg-dH8QKkgCXiZm1-iWJLqW_SYRDhQVbFc44RfI1Ezhm4uNfsE7X1BFWrjOvNwJgOOGrmo-Widzf2uB8uwPkn5deoKcj3MhVs4&sig=Cg0ArKJSzJ_WeV6LTZ1bEAE&id=ampim&o=1050,422&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=276&tls=1276&g=100&h=100&tt=1277&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=36326968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 65ms
65ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&cu=1637597056115&m=1964&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1198&an=1198&gi=1&gf=1198&gg=1198&ix=1198&ic=1198&ez=1&ck=1198&kw=1118&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=1198&ci=1198&jz=1118&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1118&cd=1118&ah=1118&am=1118&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=1672531727&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&cu=1637597056115&m=1964&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1198&an=1198&gi=1&gf=1198&gg=1198&ix=1198&ic=1198&ez=1&ck=1198&kw=1118&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1198&bx=1198&ci=1198&jz=1118&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1118&cd=1118&ah=1118&am=1118&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=967542096&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&cu=1637597056115&m=1965&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1038&an=22&gi=1&gf=1038&gg=22&ix=1038&ic=1038&ez=1&ck=1038&kw=858&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1038&bx=22&ci=1038&jz=858&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=858&cd=43&ah=858&am=43&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=961351027&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&cu=1637597056115&m=1965&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1038&an=1038&gi=1&gf=1038&gg=1038&ix=1038&ic=1038&ez=1&ck=1038&kw=858&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1038&bx=1038&ci=1038&jz=858&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=858&cd=858&ah=858&am=858&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=1796527309&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&cu=1637597056115&m=1966&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=1038&an=1038&gi=1&gf=1038&gg=1038&ix=1038&ic=1038&ez=1&ck=1038&kw=858&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1038&bx=1038&ci=1038&jz=858&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=858&cd=858&ah=858&am=858&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=4&jm=-1&tc=0&fs=195794&na=283295727&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:18 GMT

POST /
684dd32d.akstat.io/ 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 101ms
100ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=nav&zMoatvguid=-&zMoatptype=-&zMoatsl=nav-ad-plus-leader%3FT-1000&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=227713099391&cu=1637597056115&m=5813&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=5048&an=1198&gi=1&gf=5048&gg=1198&ix=5048&ic=5048&ez=1&ck=1198&kw=1118&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5048&bx=1198&ci=1198&jz=1118&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4968&cd=1118&ah=4968&am=1118&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=5&jm=-1&tc=0&fs=195794&na=1300869012&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=top&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-plus-top%3FLL%7CT-1000&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=134299799349&cu=1637597056115&m=6015&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=1&ag=5090&an=1038&gi=1&gf=5090&gg=1038&ix=5090&ic=5090&ez=1&ck=1038&kw=858&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5090&bx=1038&ci=1038&jz=858&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4909&cd=858&ah=4909&am=858&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=5&jm=-1&tc=0&fs=195794&na=1587861354&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=bottom&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-bottom%3FLL%7CT-1000&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2006.640625&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=871818286955&cu=1637597056115&m=6217&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2006.640625&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5068&cd=143&ah=5068&am=143&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&jk=3&jm=-1&tc=0&fs=195794&na=1314837829&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 6A4E 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=&sgs=3&bo=22308610192&bp=22364980590&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=COS-05-10aaa0g&zMoatSZ=0x0&zMoatPS=top&zMoatSZPS=0x0%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=3408615744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-1Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=770&qe=123&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=78&w=150&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=3&f=1&j=https%3A%2F%2Fwww.zdnet.com&lp=https%3A%2F%2Fwww.zdnet.com&t=1637597056568&de=820238277060&cu=1637597056568&m=5766&ar=b4494b788bb-clean&iw=5b2ce75&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=123&le=1&lf=215&lg=1&lh=147&gm=1&io=1&fa=1&ch=0&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A87%3A204%3A719%3A333&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5075&cd=90&ah=5075&am=90&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5029661432%3A2929336068%3A5823350303%3A138371350639&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22364980590&dfp=0%2C1&la=22364980590&zMoatW=0&zMoatH=0&zMoatVGUID=46f03238-12ed-4d41-b892-3369670a5bc9&zMoatSN=b&zMoatSL=sharethrough-top%3FLL%7CT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&iq=na&tt=na&tu=&tp=&tc=0&fs=195602&na=1662614723&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&ra=3&pxm=&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzsquFgA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3B4*E%3Amx5%60K&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&pcode=redventuresgamheader644747280705&rx=559297423070&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=middle&zMoatvguid=-&zMoatptype=-&zMoatsl=mpu-middle%3FLL%7CT-1000&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=157&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A%2BTrending%2BContent%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1637597056115&de=298293411447&cu=1637597056115&m=6419&ar=7e5b6a28623-clean&iw=a0d9f77&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3101&le=1&lf=163&lg=1&lh=25&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A824%3A824%3A831%3A784&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5080&cd=21&ah=5080&am=21&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5024496911%3A2870786075%3A5718138840%3A138352803033&bo=aw-zdnet&bd=security&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&jk=3&jm=-1&tc=0&fs=195794&na=623186279&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 16:04:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 16:04:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 684dd32d.akstat.io
URL: https://684dd32d.akstat.io/

Domain: 684dd32d.akstat.io
URL: https://684dd32d.akstat.io/

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe	1970-01-19 22:54:03	Name: pv Value: 1
www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22aw%22%2C%22subses%22%3A%224%22%2C%22session%22%3A%22b%22%7D
www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe	1969-12-31 23:59:59	Name: zdnet_ad_ftag Value: COS-05-10aaa0g
.t.co/	1970-01-20 16:24:29	Name: muc Value: 84d6ab35-9ab7-4118-8818-f2d741f8dba7
.t.co/	1970-01-20 16:24:29	Name: muc_ads Value: 84d6ab35-9ab7-4118-8818-f2d741f8dba7
.zdnet.com/	1970-01-19 22:57:07	Name: nemo_highlander Value: related_rr:1:a
.zdnet.com/	1970-01-19 23:03:21	Name: fly_geo Value: {"countryCode": "de"}
.zdnet.com/	1970-01-19 23:03:21	Name: fly_device Value: desktop
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 46f03238-12ed-4d41-b892-3369670a5bc9
.zdnet.com/	1970-01-19 23:36:29	Name: arrowImp Value: true
.zdnet.com/	1970-01-19 23:36:29	Name: arrowImpCnt Value: 1
.zdnet.com/	1970-01-19 23:36:29	Name: ugc Value: 1637597055
.zdnet.com/	1970-01-20 07:38:53	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Nov+22+2021+16%3A04%3A15+GMT%2B0000+(GMT)&version=6.20.0&hosts=&consentId=4167c00a-62cf-4b98-a2c1-7bdd7a53c832&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-banking-trojan-sharkbot-makes-waves-across-europe%2F%3Fftag%3DCOS-05-10aaa0g%26taid%3D6193bce8ea82b400012e6cdb%26utm_campaign%3DtrueAnthem%253A+Trending+Content%26utm_medium%3DtrueAnthem%26utm_source%3Dtwitter&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.zdnet.com/	1969-12-31 23:59:59	Name: fly_session Value: 8c90f642a004f529a04ed35ea8d20e5d
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9a47bad4fdaa906a
www.zdnet.com/	1970-01-20 07:38:53	Name: _mfuuid_ Value: 006fb2a1-ea81-4d9f-9f63-259baa929da5
.www.zdnet.com/	1970-01-20 16:24:29	Name: chsn_cnsnt Value: tglr_ref%2Ctglr_req%2Ctglr_sess_id%2Ctglr_sess_count%2Ctglr_anon_id%2Ctglr_tenant_id%2Ctglr_virtual_ref%2Ctglr_transit_id%2Cchsn_dcsn_cache%2Cpmpdid%2Cpmpredirected%2Cpmpredir%2Cfuseid%2Ccohsn_xs_id%2Cchsn_auth_id%2ChashID%2CetagID%2CreinforcedID%2ChttpOnlyID%2CfpID%2CflID%2Ctglr_smpl%2Ctglr_reinforce%2Ctglr_gpc_sess_id%2Ctglr_hash_id
.www.zdnet.com/	1970-01-20 16:24:29	Name: tglr_tenant_id Value: src_1kYsAcdpfzbZ8UlNLYht1RPg3m2
.www.zdnet.com/	1970-01-19 22:53:18	Name: tglr_sess_id Value: 6592ccc6-9b6d-4d50-b04d-9684f836f7cd
.www.zdnet.com/	1970-01-20 16:24:29	Name: tglr_sess_count Value: 1
.www.zdnet.com/	1970-01-19 22:53:18	Name: tglr_req Value: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter
.www.zdnet.com/	1970-01-19 22:53:18	Name: tglr_ref Value: https://t.co/
.www.zdnet.com/	1970-01-20 16:24:29	Name: tglr_anon_id Value: 72b353bb-e586-4675-94f0-4b2eecc71642
.cohesionapps.com/	1970-01-20 16:24:29	Name: cohsn_xs_id Value: 8e6db338-c00c-4425-9a69-00bca19faf10
.www.zdnet.com/	1970-01-20 16:24:29	Name: cohsn_xs_id Value: 8e6db338-c00c-4425-9a69-00bca19faf10
.doubleclick.net/	1970-01-20 08:14:53	Name: IDE Value: AHWqTUlqLpu1HhTJ-sujZW-VfmPD5BS8RnIBgC9_7s4mFZLT-x1PkFnR660CvB_Lfi4
.zdnet.com/	1970-01-20 08:14:53	Name: __gads Value: ID=5ff14ca4d1a3aadc-22bceec1eccb0050:T=1637597056:S=ALNI_Ma5CwSUmDtwFdfaXN2qGSBqiA4bgw
.doubleclick.net/	1970-01-19 22:53:20	Name: DSID Value: NO_DATA
.zdnet.com/	1970-01-19 23:03:21	Name: RT Value: "z=1&dm=zdnet.com&si=098dcc78-0053-4f6f-937d-1f4a7061075d&ss=kwav0684&sl=1&tt=23t&bcn=%2F%2F684dd32d.akstat.io%2F&ld=2w0"

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js(Line 133) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	error	URL: https://www.zdnet.com/article/new-banking-trojan-sharkbot-makes-waves-across-europe/?ftag=COS-05-10aaa0g&taid=6193bce8ea82b400012e6cdb&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter Message: Access to XMLHttpRequest at 'https://684dd32d.akstat.io/' from origin 'https://www.zdnet.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://684dd32d.akstat.io/ Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd32d.akstat.io
85972591c3e5cb0d0b32019134a0ac88.safeframe.googlesyndication.com
a.myfidevs.io
ad.doubleclick.net
adservice.google.com
adservice.google.de
at.adtech.redventures.io
bam-cell.nr-data.net
c.go-mpulse.net
cdn.ampproject.org
cdn.cohesionapps.com
cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ingest.make.rvapps.io
js-agent.newrelic.com
mb.moatads.com
media-mtml.mt.rvapps.io
pagead2.googlesyndication.com
protected-by.clarium.io
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
redventuresgamheader644747280705.s.moatpixel.com
securepubads.g.doubleclick.net
static.myfinance.com
t.co
taggy.cohesionapps.com
tpc.googlesyndication.com
urs.zdnet.com
www.google.com
www.googletagservices.com
www.myfinance.com
www.zdnet.com
z.moatads.com
684dd32d.akstat.io
104.244.42.69
142.250.185.66
143.204.98.124
151.101.194.154
151.101.2.137
151.101.65.194
162.247.243.146
18.171.9.184
18.194.83.218
184.72.183.173
2.18.235.40
216.58.212.166
2606:4700:10::6814:b844
2606:4700:3030::ac43:b431
2606:4700:3037::6815:2b8a
2606:4700::6810:9540
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
2a04:4e42:4c::666
34.120.203.121
34.199.156.235
34.246.74.180
52.7.5.26
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
035b260b05b3b5a0a62054408a3ef45b2b39e589fd55ff8c02cc86178ceb8424
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a830965bf0ca79c75b43b1daac3fd85af97805d62d551b7773792b2a9eac461
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f23aaa9d0fec5942a9907b88ad801ff3eff3abede69bf286d869061201c67fe
106eb783b9848548d8dd1e2a4b5420ad5e6282da83d7c4be902aebba69bb665e
10ce79bea7fb9c262fd38c6aaf63dca35853a485decd7be1c09c88522d29504c
12717f96c61a500136a8564d666db9b960869a71dd3176a438b53fb08be5c7bb
1515534809a50b5a7f5cc377a64079e7af7890fd66544868dcfdf03ed41f9a2b
15d822764234aff49119c215a88e3a6570111a715b17ba3511170067b7443b3f
15f76772a89434e406eecaeef78f5afee1dbdd1d227487dbe0d6a00f9bfd2f4d
15fc6da0c56525b38a69504e4d5e73d1126290aff814150c4468d303a73bc727
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a479c129d4c289159a7ad8bd9b8d575c6dad0e40ef1d25ab77cd3d011a2a17c
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1f664440b22951b8c5a35f38ec7b463978c388cfe465c397f45bfbe26c50be84
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2e69746041c55bf0f480952a7d1140cb5fddae77ffdc4ff455c187ee5af87397
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
364e9fa8e5ebd2723bceb6ad16241c713dbf20df34f4694041995de5b499eca3
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3c2c275622093f9012768ff2e30be9dafee750f18b0938feacb193559db34ebd
3c84c94e70bd37564096b570ff0a98dbc422b0fded8d2cf43bf2fa26e11a35b4
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3d9f5324cc8086574958194a80c0c709dcfd3d797620de8b9fa151dd26f98dc8
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
44b52e57fb51976705c6a0ab20755b61c9664820d38be225809057cff032075d
451b65c3e2b0ec7b9220d3f4ce562519c3523cbe7146aefefd56c785d511a071
4be568cb286ae4d81203303a724d1b8e936ccc8a5555fd389c1f3e8806e472e7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
514cde76833bbb8f2303b54be841b31d44d54a70e552dd317d0c2e43681740d4
527dc53f94ab0f44263231857f9318476af93b8d35df919e53393f6ec61c90f7
52a334839997f9a6b5058a4034dbc89651c7ab64d3eef1f3bf77f9334e32bc9a
58627b0bebaa9e090b75bc6ac90c84f1c92785702f082197c1c5a97bb4e62729
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
660c4944d12218cf2b184d845516f3930ba222de846078099256b70ea7acaf90
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6c0cd7b80611259d4ccce9165e8b5dd062aad43e3e3e19a404fe967c49795d03
6e613560cec9fd4e47e04029561769e9e9d4f28d0592b217f007772f00348cfe
6edbe2f6d2afbae11a835d9caac9e1b4f558ca7e0c2e14bffcc504e90c5e55dc
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
758c7d9d726719d14444ed93bfb64d21c84342d6ca479826b1477d7da24b3a14
7f43f0b94a59b6c70df8f03207eb3d63f5d925540b0031e66321eec9db124260
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816c5b4567ad1085a3755393c050814529c332dbfbefeaa89f59dd7b2c4ac7a4
829c410a6b21a34e4127e1ae45f244189a83493c13712d9e5d98f1d2dc19c3f7
82f947d14a0a198dfe3cec2fde7896f6e332eb798cc193dad8da9ed2225277cd
8542bf67ba9c4f606f81e7712ae864ab488925129decdba1932ffbbffd44c126
88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9
8986c8a27ea34a01d82f0e858982f1214fa530a8f95fa818c7425cce2202c975
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aa891f09153fae1df0c870f2452ef8c9e1e25625eb3596e227f0d533f3644cb
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
914a1e5fb452f9eaa15950cca99676679420af1fbd5f033e9c243f1de4128849
916a33fa567e1ef02bb792ff9e0361a0e28f43967aba94e18a119e2328c3f0b9
94afe7062a05c16236aa62c120d3fe0790661086cbd242a2130beacce19234e0
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9b7909cb9edd007095b41a13617b66208e4210fff9c5e411a7db116efefc8e71
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ee1fd501edebb80562e0856e95252de088d4ff0f753672c22d0f4096871d655
9f4b2bd8b5636a2efd3f471694a3f7ff2dd3451e9bd7fc3daa3d3dd41607398c
9f682d22d4af295f13735efdb26af3b5f106a580f65d6863739872b4dad7bbee
a0233f2a52d38bb92f54e15bdcc0bfe964c74921d560de3ece5f51aaeb3c8a80
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bca99152b0f9454e121f2650f9609147fcca8a6b5e499952035617948371bf
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a94d42c979e478050545342252366082c4e5f3aeff8dc27bae989a22f6ca34
ae082ab699acd7d8674e1c8796930d21b314aa7959704c0d26e82c6f07084f4c
af8fb029061e1df61de7659ae089d32efccef1dd44ab5c732187621b7cb5fe20
afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9
b4b1d1d87ac3ccaa6ba5c10e29284746c7c628fada8676455f4c5da925bee5ca
b505f5d393b6b62983f657a23b1e1919e169a34141db106f666a7099248a6e9c
b5cff7bfde110434ccdb2ef8e1ec164a255a7eee40baa8ed851559d26e2d9161
b87c45f1d64779700f784d84c40cdb0c358a056258ef43318ee7b7c3c07ee51b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb852945d8e9ae2dddadccfbce542830d5e86adf940a29239fa2742d6e79e2fb
c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2
c83de3876b70820a0a835648010dc49a5600d6c3dd65f1a1e19ff44d33663083
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1472fdfcf7336fd1e43589cc1663eab224de820c944d12e7e9563a6b9b6b529
d7d3855320fad55978ed4ebec77d1e43047eb690faa20a20529c83b5df23ce9c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
eaf765d314b24473895a9ece61135d31023528c3b65129051b2c5a471d780604
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ec960d20bf77ffa7878ef85052bd131ccbc4730e5c8b3741b9d782f04f9a1a78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20dbee1e70d8390ce94c0ed81f80d1578b79ed3f3699b574942c63cc2bcdab0
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f40e742b5c3fbfe8b422267d62427039ea3fc64f314e0507ad8f9418069b5796
f688aad8d8953c9586424c1fc0681431beccff71385ae17c4b701df836d29fc1
f6bdd8e675d64d4250b059922bcd5e404fd432efb805885ebe68291b2a75b18c
f77d9714c6b72e642d375ea5dccf7925440a5fee7c37114262b5020454a18d14
f93fa3cef5bf93b0a552e9de0130cf801382e69d0b12de6deb64d0e0865181d2
fa3c2e6e0681eb8d99c0bc06918e317abac8bd4d184290d05d21cf94a490f023
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:4c::666 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

215 Requests

97 %HTTPS

52 %IPv6

25 Domains

38 Subdomains

34 IPs

4 Countries

15966 kBTransfer

19975 kBSize

31 Cookies

16 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:4c::666 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

97 %
HTTPS

52 %
IPv6

25
Domains

38
Subdomains

34
IPs

4
Countries

15966 kB
Transfer

19975 kB
Size

31
Cookies

215 HTTP transactions
8 data transactions