urlscan.io logo urlscan.io
SecurityTrails logo

uk.pcmag.com Open in urlscan Pro
23.36.234.181  Public Scan

Go To Rescan Add Verdict Report
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Submission: On February 22 via manual from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 9 countries across 77 domains to perform 303 HTTP transactions. The main IP is 23.36.234.181, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is uk.pcmag.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 9th 2021. Valid for: a year.
This is the only time uk.pcmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 23.36.234.181 16625 (AKAMAI-AS)
5 2.17.178.46 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 104.108.64.33 16625 (AKAMAI-AS)
12 216.58.212.130 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 23.79.153.186 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 54.77.118.208 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.36.236.158 16625 (AKAMAI-AS)
1 151.101.194.137 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.36.84 54113 (FASTLY)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.196.200.156 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 104.108.41.56 16625 (AKAMAI-AS)
7 3.215.15.110 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 184.30.21.15 16625 (AKAMAI-AS)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 3.227.166.28 14618 (AMAZON-AES)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 185.33.221.91 29990 (ASN-APPNEX)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 69.173.144.143 26667 (RUBICONPR...)
4 2606:2800:233... 15133 (EDGECAST)
2 2a03:2880:f11... 32934 (FACEBOOK)
6 54.236.84.15 14618 (AMAZON-AES)
1 54.165.228.255 14618 (AMAZON-AES)
23 104.126.36.187 20940 (AKAMAI-ASN1)
3 46.51.193.68 16509 (AMAZON-02)
1 3.221.22.39 14618 (AMAZON-AES)
1 151.101.114.133 54113 (FASTLY)
6 12 2a00:1450:400... 15169 (GOOGLE)
2 2 35.156.153.71 16509 (AMAZON-02)
4 4 18.156.0.31 16509 (AMAZON-02)
3 34.202.70.106 14618 (AMAZON-AES)
4 23.218.208.200 16625 (AKAMAI-AS)
1 2 23.218.208.246 16625 (AKAMAI-AS)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 104.108.50.124 16625 (AKAMAI-AS)
2 4 185.86.137.114 201081 (SMARTADSE...)
2 3.211.2.212 14618 (AMAZON-AES)
1 185.86.139.58 201081 (SMARTADSE...)
2 8 35.244.159.8 15169 (GOOGLE)
2 213.19.147.210 3356 (LEVEL3)
4 63.32.144.77 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 6 54.72.237.129 16509 (AMAZON-02)
2 7 184.30.20.241 16625 (AKAMAI-AS)
1 2 52.94.232.32 16509 (AMAZON-02)
5 5 142.250.186.98 15169 (GOOGLE)
1 1 3.81.223.233 ()
2 63.251.232.170 29791 (VOXEL-DOT...)
1 1 63.35.200.21 16509 (AMAZON-02)
3 3 2620:116:800d... 16509 (AMAZON-02)
4 2600:9000:212... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
11 104.244.39.20 7415 (ADSAFE-1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 213.155.156.166 ()
2 23 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
5 5 52.31.242.159 16509 (AMAZON-02)
1 1 185.86.137.131 201081 (SMARTADSE...)
2 2 198.148.27.140 ()
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 87.98.252.5 16276 (OVH)
1 1 213.19.147.150 3356 (LEVEL3)
1 2 104.18.13.5 13335 (CLOUDFLAR...)
1 2 151.101.13.44 54113 (FASTLY)
1 2 35.227.248.159 15169 (GOOGLE)
2 2 3.125.99.7 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 169.50.137.190 36351 (SOFTLAYER)
5 6 37.157.6.241 198622 (ADFORM)
4 4 185.29.133.58 30419 (MEDIAMATH...)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
3 3 52.58.45.227 16509 (AMAZON-02)
2 2 3.127.166.11 ()
1 1 2001:678:cb4:... 56396 (TURN)
3 4 151.101.114.49 54113 (FASTLY)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 ()
1 1 185.33.221.50 29990 (ASN-APPNEX)
2 185.64.190.79 62713 (AS-PUBMATIC)
1 1 52.215.241.211 ()
4 5 69.173.144.139 26667 (RUBICONPR...)
3 3 51.210.112.63 16276 (OVH)
2 2 52.30.234.204 16509 (AMAZON-02)
1 1 52.200.246.203 ()
1 1 8.43.72.98 ()
6 142.250.185.162 15169 (GOOGLE)
1 2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 69.173.144.138 26667 (RUBICONPR...)
1 34.120.207.148 15169 (GOOGLE)
1 2600:9000:20d... 16509 (AMAZON-02)
3 3.231.36.251 14618 (AMAZON-AES)
303 90
16    23.36.234.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-234-181.deploy.static.akamaitechnologies.com
uk.pcmag.com
sm.pcmag.com
assets.pcmag.com
cdn.static.zdbb.net
bbstatic.pcmag.com
5    2.17.178.46 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
cdn.ziffstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    104.108.64.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
12    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    23.79.153.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-153-186.deploy.static.akamaitechnologies.com
c.evidon.com
7    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    54.77.118.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
secure-us.imrworldwide.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    23.36.236.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tags.bkrtx.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
player.ex.co
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
api.pinterest.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    34.196.200.156 (United States)

ASN14618 (AMAZON-AES, US)
gurgle.pcmag.com
gurgle.zdbb.net
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
adservice.google.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
2    104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com
stags.bluekai.com
7    3.215.15.110 (United States)

ASN14618 (AMAZON-AES, US)
prd-collector-anon.ex.co
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:64::210:b571 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
1    184.30.21.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
cdn.playbuzz.com
2    2a02:26f0:10c:4bc::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    3.227.166.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
atrack.avplayer.com
19    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-eu.adtech.advertising.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    54.236.84.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    54.165.228.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
premiumsrv.aniview.com
23    104.126.36.187 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
mcd.ex.co
3    46.51.193.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
zdbb.net
1    3.221.22.39 (United States)

ASN14618 (AMAZON-AES, US)
jogger.zdbb.net
1    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
cm.g.doubleclick.net
2    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    34.202.70.106 (United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
4    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    3.211.2.212 (United States)

ASN14618 (AMAZON-AES, US)
s2s.aniview.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
4    63.32.144.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    54.72.237.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
7    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    3.81.223.233 (Ashburn, United States)

ASN- ()
nep.advangelists.com
2    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    2600:9000:2127:e600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    104.244.39.20 (United States)

ASN7415 (ADSAFE-1, US)
dt.adsafeprotected.com
4    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    213.155.156.166 (Sweden)

ASN- ()
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
23    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    52.31.242.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-242-159.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    198.148.27.140 (New York, United States)

ASN- ()
bh.contextweb.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu
green.erne.co
1    213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    104.18.13.5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
6    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    52.58.45.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    3.127.166.11 (Frankfurt am Main, Germany)

ASN- ()
prod.perf-serving.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN- ()
ads.playground.xyz
1    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    52.215.241.211 (Dublin, Ireland)

ASN- ()
rtb.gumgum.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    52.30.234.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    52.200.246.203 (New York, United States)

ASN- ()
sync.ipredictive.com
1    8.43.72.98 (United States)

ASN- ()
pixel-us-east.rubiconproject.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pubads.g.doubleclick.net
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
cookiex.ngd.yahoo.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
id.rlcdn.com
1    2600:9000:20d7:5e00:10:27b4:f500:93a1 (United States)

ASN16509 (AMAZON-02, US)
iabmap.evidon.com
3    3.231.36.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
l.evidon.com
Apex Domain
Subdomains		 Transfer
37 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
simage4.pubmatic.com
71 KB
34 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
160 KB
31 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
2 MB
29 googlesyndication.com
970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
329 KB
19 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
188 KB
16 pcmag.com
uk.pcmag.com
sm.pcmag.com
assets.pcmag.com
gurgle.pcmag.com
bbstatic.pcmag.com
253 KB
14 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
21 KB
14 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
s2s.aniview.com
176 KB
11 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
1 MB
9 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
10 KB
8 openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
cookiex.ngd.yahoo.com
5 KB
8 google.com
adservice.google.com
www.google.com
940 B
8 google-analytics.com
www.google-analytics.com
20 KB
7 evidon.com
c.evidon.com
iabmap.evidon.com
l.evidon.com
6 KB
6 adform.net
c1.adform.net
2 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 smartadserver.com
www9.smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
4 KB
6 advertising.com
adserver-eu.adtech.advertising.com
pixel.advertising.com
935 B
6 zdbb.net
cdn.static.zdbb.net
gurgle.zdbb.net
zdbb.net
jogger.zdbb.net
25 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 ampproject.org
cdn.ampproject.org
99 KB
5 ziffstatic.com
cdn.ziffstatic.com
52 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 2mdn.net
s0.2mdn.net
42 KB
4 adnxs.com
ib.adnxs.com
secure.adnxs.com
4 KB
4 typekit.net
use.typekit.net
159 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 1rx.io
tag.1rx.io
sync.1rx.io
910 B
3 gstatic.com
fonts.gstatic.com
33 KB
3 googletagservices.com
www.googletagservices.com
93 KB
3 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
3 facebook.com
graph.facebook.com
www.facebook.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
991 B
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 perf-serving.com
prod.perf-serving.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
988 B
2 semasio.net
uipglob.semasio.net
1 KB
2 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
8 KB
2 w55c.net
pm.w55c.net
2 KB
2 tapad.com
pixel.tapad.com
615 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 adgrx.com
cm.adgrx.com
816 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 bluekai.com
stags.bluekai.com
772 B
2 facebook.net
connect.facebook.net
93 KB
2 imrworldwide.com
secure-us.imrworldwide.com
945 B
1 rlcdn.com
id.rlcdn.com
66 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
325 B
1 adroll.com
d.adroll.com
112 B
1 advangelists.com
nep.advangelists.com
231 B
1 krxd.net
cdn.krxd.net
394 B
1 playbuzz.com
cdn.playbuzz.com
19 KB
1 google.ch
adservice.google.ch
803 B
1 linkedin.com
www.linkedin.com
1 pinterest.com
api.pinterest.com
359 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
1 bkrtx.com
tags.bkrtx.com
16 KB
1 onesignal.com
cdn.onesignal.com
3 KB
0 consensu.org Failed
vendorlist.consensu.org Failed
0 kargo.com Failed
krk.kargo.com Failed
303 77
Domain Requested by
23 mcd.ex.co player.avplayer.com
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
uk.pcmag.com
tpc.googlesyndication.com
cdn.ampproject.org
15 simage2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
14 cm.g.doubleclick.net 11 redirects u.openx.net
12 securepubads.g.doubleclick.net uk.pcmag.com
securepubads.g.doubleclick.net
www.googletagservices.com
11 dt.adsafeprotected.com
8 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
8 imasdk.googleapis.com player.aniview.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
www.googletagservices.com
8 www.google-analytics.com uk.pcmag.com
www.google-analytics.com
8 uk.pcmag.com uk.pcmag.com
7 prd-collector-anon.ex.co player.ex.co
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 c1.adform.net 5 redirects image6.pubmatic.com
6 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
6 match.adsrvr.org 4 redirects ssum.casalemedia.com
u.openx.net
6 track1.aniview.com uk.pcmag.com
player.aniview.com
5 token.rubiconproject.com 4 redirects
5 match.prod.bidr.io 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
5 cdn.ziffstatic.com uk.pcmag.com
cdn.ziffstatic.com
4 pixel.rubiconproject.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 s0.2mdn.net imasdk.googleapis.com
4 static.adsafeprotected.com pixel.adsafeprotected.com
uk.pcmag.com
4 pixel.adsafeprotected.com uk.pcmag.com
4 www9.smartadserver.com 2 redirects
4 ads.pubmatic.com player.aniview.com
ads.pubmatic.com
4 ups.analytics.yahoo.com 4 redirects
4 adserver-eu.adtech.advertising.com uk.pcmag.com
4 use.typekit.net uk.pcmag.com
3 l.evidon.com
3 pixel.onaudience.com 3 redirects
3 eu-u.openx.net 1 redirects u.openx.net
3 x.bidswitch.net 3 redirects
3 pixel.quantserve.com 3 redirects
3 www.google.com 1 redirects securepubads.g.doubleclick.net
3 sync.aniview.com player.aniview.com
ssum.casalemedia.com
3 bbstatic.pcmag.com cdn.static.zdbb.net
3 zdbb.net uk.pcmag.com
cdn.static.zdbb.net
3 ib.adnxs.com 2 redirects uk.pcmag.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 fonts.googleapis.com uk.pcmag.com
securepubads.g.doubleclick.net
3 c.evidon.com uk.pcmag.com
cdn.ziffstatic.com
3 sb.scorecardresearch.com 1 redirects uk.pcmag.com
2 sync.crwdcntrl.net 2 redirects
2 us-u.openx.net u.openx.net
2 image8.pubmatic.com ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 prod.perf-serving.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 bh.contextweb.com 2 redirects
2 d5p.de17a.com 2 redirects
2 u.openx.net 1 redirects player.aniview.com
2 image6.pubmatic.com ads.pubmatic.com
2 cm.adgrx.com ssum.casalemedia.com
image6.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 tag.1rx.io player.aniview.com
2 s2s.aniview.com player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 pixel.advertising.com 2 redirects
2 www.facebook.com uk.pcmag.com
connect.facebook.net
2 hbopenbid.pubmatic.com uk.pcmag.com
player.aniview.com
2 atrack.avplayer.com uk.pcmag.com
2 player.aniview.com player.ex.co
player.aniview.com
2 stags.bluekai.com tags.bkrtx.com
bbstatic.pcmag.com
2 connect.facebook.net uk.pcmag.com
connect.facebook.net
2 secure-us.imrworldwide.com 1 redirects uk.pcmag.com
2 assets.pcmag.com uk.pcmag.com
2 sm.pcmag.com uk.pcmag.com
1 simage4.pubmatic.com ads.pubmatic.com
1 iabmap.evidon.com cdn.ziffstatic.com
1 id.rlcdn.com
1 cookiex.ngd.yahoo.com
1 ads.yahoo.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 spl.zeotap.com ads.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.1rx.io 1 redirects
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 googleads.g.doubleclick.net
1 d.adroll.com 1 redirects
1 nep.advangelists.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 playbuzzltd-d.openx.net player.aniview.com
1 prg.smartadserver.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 cdn.krxd.net bbstatic.pcmag.com
1 jogger.zdbb.net cdn.static.zdbb.net
1 premiumsrv.aniview.com player.aniview.com
1 fastlane.rubiconproject.com uk.pcmag.com
1 cdn.playbuzz.com uk.pcmag.com
1 player.avplayer.com player.ex.co
1 970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.ch securepubads.g.doubleclick.net
1 gurgle.zdbb.net uk.pcmag.com
1 gurgle.pcmag.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.linkedin.com uk.pcmag.com
1 graph.facebook.com uk.pcmag.com
1 api.pinterest.com uk.pcmag.com
1 maxcdn.bootstrapcdn.com uk.pcmag.com
1 player.ex.co uk.pcmag.com
1 tags.bkrtx.com uk.pcmag.com
1 cdn.onesignal.com uk.pcmag.com
1 cdn.static.zdbb.net uk.pcmag.com
0 vendorlist.consensu.org Failed cdn.ziffstatic.com
0 krk.kargo.com Failed uk.pcmag.com
303 133
Subject Issuer Validity Valid
ziffdavis.com
DigiCert SHA2 Secure Server CA		 2021-01-09 -
2022-01-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
*.evidon.com
DigiCert Secure Site ECC CA-1		 2020-04-29 -
2021-07-29		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2020-02-28 -
2021-05-29		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-02-17 -
2021-08-16		 6 months crt.sh
*.zdbb.net
Amazon		 2020-06-03 -
2021-07-03		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
outstreamedia.com
R3		 2020-12-17 -
2021-03-17		 3 months crt.sh
*.playbuzz.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-12-03		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2020-01-22 -
2021-04-22		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-09 -
2021-03-23		 6 months crt.sh
static.adsafeprotected.com
Amazon		 2020-10-03 -
2021-11-03		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-17 -
2021-06-17		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-02-11 -
2021-04-20		 2 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-09 -
2021-03-09		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh

This page contains 47 frames:

Primary Page: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Frame ID: E3E41D6441332852FB9DB8ADF28DF7B2
Requests: 150 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Duk.pcmag.com&phint=referer%3Dhttps%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&phint=bbseg%3D8001&phint=bbseg%3D1100481&phint=bbseg%3D1200481&phint=bbseg%3D1100744&phint=bbseg%3D6953&phint=bbseg%3D1200744&phint=bbseg%3D1100058&phint=bbseg%3D1100699&phint=bbseg%3D6910&phint=__bk_t%3DSilver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&phint=__bk_k%3DHome%2C%20Software%20%26%20Services%2C%20Operating%20Systems%2C%20MacOS&phint=__bk_l%3Dhttps%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&limit=10&bknms=ver=2.0,ua=d8bd5e10404670a7201877f317e1eb71,t=1614009609386,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-60,hss=true,hls=false,idb=true,addb=undefined,odb=undefined,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93&r=36514322
Frame ID: 2B88C94E6CEFADDF14646260AFFE54E4
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 4B73017539D8E7147C7A9FC96A8458A8
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: EE9EA54D35D08CA478AACA0026FC42A9
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2050E21EE349006C8D2B62C047149172
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 62130B0DD5DCCE76F9DBB9B19CD9A1F3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F8B612C967ACDFB86DFA727E9C9BB5CD
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
Frame ID: DCD386DDA6B81AD09E309543C41795FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D1%26key%3D
Frame ID: 65A0EDAFE81AADF48ED061898792D209
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Frame ID: 1DF7A4B50A02AD161668CDF9837BC105
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 157AA6C7C3591E48A2DB8F49C6EE969E
Requests: 12 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=51174092&chanId=187124372&placementId=96127892&pubCreative=41913316652&pubOrder=166163612&cb=1087763091&adsafe_par&impId=
Frame ID: 4EA60FFC98726FDCDCDAF5D62FD8CDAE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZMwQVMaFGr_ojb4hZoIqVs5aHCVrE7FZ6K6xsaN883cx4SrMXrPsUB4T6cnSWXuCdbj_0LfB4mVQ7XEfFaLsPhw8RloBdRXn7llldWQpRgKHRKL1ZpeSWXwP1c8nodD--9j8TfHIUAL-qTgb5uiclO1ThO3nJlCcbn_FykzMIkpGuNOanZyLuu86Gvm4L6cJ39JoE_XxlTy-F6gOcZHg5ygI57K791nOjnC8C448VEtALHRLGGdgMoR9fj_miAYpNIjOTqI9ZMsnm35alOQ6nuO0-OrsKb9veZ8ebQKoz6JwXpHNxqjTRmtgwPC2-0zYkZ9bRZrQ&sig=Cg0ArKJSzJ5oukharC36EAE&adurl=
Frame ID: B888732AB9CA517334E7C83FF74CF147
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Frame ID: D83E72E6F9C24F18E8DA78BE2E223807
Requests: 20 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=51174092&chanId=187124732&placementId=96127892&pubCreative=54467904452&pubOrder=166163612&cb=506000332&adsafe_par&impId=
Frame ID: C5F17216C3D6D97501DF1AFE6AFB478F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsm-11L7__zuyVctIY3fSzRH1xI_MrpsVgUosjzgLygy7HxPt9VcqteXHzAybtmO-GSf6l6wl8BEqylsIXpWeTTVxbyG3G2cSSK6Dl0MTlSk13CSuIhk8RgF1U39GlkiT3b_zOhFZyPFFoLTZYyf7SAl3tH0Q47yPj0DOS9pfQVoD65AB578bTTtqyhAJcnzCo1cd_0MS5r_zX6wrmCyPpm-f9L_4Hx-Xv3Xj7V7CL8fMsTolWPqECmr4y-Siap-8NI7g4uHiZX5ZDgzXCv1uKrqAM6NZDg69x4NcFkLkSIADbTHnnyDNvd2_vTJ6Gc_B7Nr8&sig=Cg0ArKJSzAST0vRZ3vm-EAE&adurl=
Frame ID: 4873E75BC05836EDF788D3039F2A18DB
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 259026F6AF54E3F73503EBC8467AF375
Requests: 24 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 76FD78F167F04DC9A644EA2170AE6F07
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 91FF9BEC97A41C78CD90C829946A533F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 769438CC3B6BD3A9A65D6538D6A83483
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 7422590BEE3EF5779710E4A3C8E685A0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: DA3FBD246CBEFD1F7153555809E0D0D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36CBA8F9E64CF541FBDC0D1599E949FE
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Frame ID: C920A1CCC66D7AFEB6348788DE057A3E
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: C2271EDB33393D6C9A154A6C2E664412
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: 9F0E2BE8EB17B8F5820A9FCF8A908F3B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: 343AB8D221FD420F2968D53A3DC8557C
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2171332683830403272
Frame ID: FE3B13095C224F5EB96FE62F7CE1A1CE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 16696BC37E3977965EAD04E1F0A62A00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACE7k7AZ6oAABDXLuQQcw
Frame ID: 3A30E8B51E88BC9E2B0A70D25D95343D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6932118520472926348
Frame ID: 3706D28E997D6CF889CF4D65BF6CEB3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bivVlFwF9iLKI33i01nOWXGA
Frame ID: 8C8A97393E0464B09926CCE2C22C71B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: C56CFA45598654A9ADE5D508A254883F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 77AF52BDEB86C0AD71251B1743EFFD5B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3E31BB7285635732026CA053580C46A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=knkG3Zm2zLqN&pid=557219
Frame ID: E2647D278AE0F11625FBB77C84A32079
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 6B481D903C46CD711EAFFC4145B1B057
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 07CD0F7E8832BD996515FFEDFC21240D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BHCUr5Nr1LedDb5&gdpr=0&gdpr_consent=
Frame ID: 42B4C0A7A3F350E4C59ABFE3B2F055E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 35A28640EBC5B51E6C75F88FBEFD9557
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D5BEF712E6C800584ACAF6904B24AA8F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 120646227AEF740FA53D83CE9373BEEA
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
Frame ID: 8E5CCD5F2A5F592A81BB3DE3CD6DD072
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:147B183288AB413E88232D407DC04390
Frame ID: A405782D3D187867DBB9ED7CF63302D6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 736453E27C77FDF8B4C33B22CD27B463
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Frame ID: 768A47873ED5087867B1AFDF35FD0F6F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9837848590D6B8CD0B633694FB9DF7FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

303
Requests

99 %
HTTPS

30 %
IPv6

77
Domains

133
Subdomains

90
IPs

9
Countries

5382 kB
Transfer

11581 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&c9=&cs_ak_ss=1
Request Chain 30
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885&ja=1
Request Chain 45
  • https://gurgle.pcmag.com/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fp=1 HTTP 302
  • https://gurgle.zdbb.net/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fpx=1
Request Chain 110
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP0a03af44-7527-11eb-887b-06d94a4d8262 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP0a03af44-7527-11eb-887b-06d94a4d8262&verify=true HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
Request Chain 112
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Request Chain 113
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 114
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0016M00002FrnXbQAJ,1,,Ziff%20Davis%20EMEA,uk.pcmag.com&cbb=4009609477 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609477&cklb=1
Request Chain 115
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0016M00002FrnXbQAJ,1,,Ziff%20Davis%20EMEA,uk.pcmag.com&cbb=4009609480 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609480&cklb=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDPVCR-5EZdYAaX5Qx7MVwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR6cOmK25S2Sv166zSnFPA&google_cver=1
Request Chain 165
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB&dcc=t
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFTufj9exooHH8jUPo8Ex1g&google_cver=1
Request Chain 167
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e&C=1
Request Chain 169
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 170
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=6e--krvqvcDy77XC7-igxbq6v5Xy7O6Y772Zhgft
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 194
  • https://u.openx.net/w/1.0/pd?us_privacy=1--- HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Request Chain 201
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2171332683830403272
Request Chain 203
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRTdrN0FaNm9BQUJEWEx1UVFjdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACE7k7AZ6oAABDXLuQQcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5952543493786370114 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACE7k7AZ6oAABDXLuQQcw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5952543493786370114%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=5952543493786370114&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACE7k7AZ6oAABDXLuQQcw&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACE7k7AZ6oAABDXLuQQcw
Request Chain 204
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6932118520472926348
Request Chain 205
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bivVlFwF9iLKI33i01nOWXGA
Request Chain 206
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 208
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 209
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=knkG3Zm2zLqN&pid=557219
Request Chain 210
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 211
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 212
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BHCUr5Nr1LedDb5&gdpr=0&gdpr_consent=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bkAUU2SpQ4W4p90t3DLXMQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bkAUU2SpQ4W4p90t3DLXMQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 215
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 216
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E401453-64A9-4385-B8A7-DD2DDC32D731&addseg=31
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU0MDE0NTMtNjRBOS00Mzg1LUI4QTctREQyRERDMzJENzMx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU0MDE0NTMtNjRBOS00Mzg1LUI4QTctREQyRERDMzJENzMx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnjVG4mWOFQy7DW9q4TTFs&google_cver=1
Request Chain 220
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d1e756f-abce-4cb6-9bea-f851dba09aca
Request Chain 221
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8520028515291496594
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24ad6033-d50b-4200-9ad7-d444e7a3f355&gdpr=0&gdpr_consent=
Request Chain 223
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=401048334689360585&gdpr=0&gdpr_consent=
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RxmiZpZ1l2Ljp7FX3kaJufKOslqjZWQ-&gdpr=0&gdpr_consent=
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=b5409027-e4d8-4ae2-b83e-8f15e7d09ad1&ssp=pubmatic&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cd2b2a5-ec3e-4230-9471-ea577ae0b6c1&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 227
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi9SqP9vhjqqutBpq6jS6T87E3q_rwY8Pjm9tUm
Request Chain 228
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8477461954459000418&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YDPVCwAAAKstWVZV
Request Chain 230
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d5098916-d31d-4fc7-a5dc-9fd352e31b35-6033d50c-4348&gdpr=0&gdpr_consent=
Request Chain 232
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34608b61-e42d-4952-8882-a03a3d99ffce&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 233
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=401048334689360585 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 234
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c5f7405e-7e56-4a34-bdaa-b275729c803d
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0fb46033-d50b-4a00-88ec-3b2f0117701d
Request Chain 247
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AYlEDlOMR1wa2xIFVt9aD1SNFQkaj0VcAIn_iNgm
Request Chain 248
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3282073050862722575 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3282073050862722575
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELnWrnXMJniTS-ZgjOTaYYw&google_cver=1
Request Chain 254
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
Request Chain 255
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:147B183288AB413E88232D407DC04390
Request Chain 256
  • https://pixel.onaudience.com/?partner=214&mapped=6E401453-64A9-4385-B8A7-DD2DDC32D731 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bb4d16bd87545c44737f19723c44e0c8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=accce2d2-2fa9-4799-95f4-47e720b56711&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=532ed4457ee3a24d
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fad56033-d50b-4a00-af98-f2db1bb62233
Request Chain 258
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0f22b870-7527-11eb-856d-ff5f678799de&gdpr=0&gdpr_consent=
Request Chain 260
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?pid=56ea678d181f46c76f8b45fb&biddername=5&key=KLGRNE4W-K-MAOJ
Request Chain 267
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLGRNE4W-K-MAOJ&sigv=1&esig=2~8a8f0ea3418aec46bbef5490f77af2f060572282 HTTP 302
  • https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLGRNE4W-K-MAOJ
Request Chain 268
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRiNzA5ODFhNGJiNjM5Y2NjMzQyYjNjNWVmYzBmMDdkNjQzMzFlYw
Request Chain 269
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/k3RnW7_zqa18Zy5ziAb64A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=931097411575739350
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBt98Lvye-IrBAmZXERI4pk&google_cver=1
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDPVCwAAAI8Eb1LS HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDPVCwAAAI8Eb1LS&_test=YDPVCwAAAI8Eb1LS
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=874d6033-d50b-4100-8551-068f3f0ab7e0
Request Chain 274
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xHUk5FNFctSy1NQU9K

303 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request silver-sparrow-malware-discovered-on-30k-infected-macs
uk.pcmag.com/macos/131862/ 		108 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0093b4064c279af2c4b60b65b455264836e4beed5f94630cd95874f26d09c17b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.pcmag.com *.ampproject.org *.zdbb.net *.disqus.com widgets.ign.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
uk.pcmag.com
:scheme
https
:path
/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
last-modified
Mon, 22 Feb 2021 15:27:38 GMT
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' *.pcmag.com *.ampproject.org *.zdbb.net *.disqus.com widgets.ign.com;
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
24838
cache-control
max-age=1943
expires
Mon, 22 Feb 2021 16:32:30 GMT
date
Mon, 22 Feb 2021 16:00:07 GMT
vary
Accept-Encoding
set-cookie
geoCC=CH; expires=Mon, 22-Feb-2021 20:00:07 GMT; path=/; domain=.pcmag.com
zdconsent.js
cdn.ziffstatic.com/jst/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/jst/zdconsent.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.178.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
c8737b1ea22cd82e02253937128d8cb841c94414b9c771e6abadda4c6e361e05

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
J2NQSfRtnCFZssxos6GtuT.R230GGUP5
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 13:36:47 GMT
x-amz-request-id
F3AB770DA29BEB07
date
Mon, 22 Feb 2021 16:00:07 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
PENDING
accept-ranges
bytes
content-length
10645
x-amz-id-2
ekR2Lk9tdHAhtworLbVOK8nTkwRHy2zPJhxu3vbfjznV1QaHl0QB1qGGJGdrkUaO7/iWfhTSFVw=
expires
Mon, 22 Feb 2021 17:00:07 GMT
bundle_pcmag.js
uk.pcmag.com/s/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/s/bundle_pcmag.js?392
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ed694267721e19f3c598de96efd4305cb99f38e46fa8f09c60e67d234989506

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:41:47 GMT
etag
W/"602e6e9b-a3c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31182387
content-length
12858
expires
Fri, 18 Feb 2022 13:46:34 GMT
zdadkit2.js
sm.pcmag.com/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sm.pcmag.com/zdadkit2.js?392
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ee00e32155b0b1b4e790b5919961d414fbd302d38e473c5d27484d2b2e9bfaf

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:42:11 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
15696
expires
Mon, 22 Feb 2021 18:00:07 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
770
date
Mon, 22 Feb 2021 15:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 22 Feb 2021 17:47:17 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 23 Feb 2021 16:00:07 GMT
zad.js
uk.pcmag.com/s/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/s/js/zad.js?392
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3e2f6c4103c3cbcda310ad6141a28b95a0afd99ff65529544cb824de88d646f

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:41:52 GMT
etag
W/"602e6ea0-4484"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31182443
content-length
6331
expires
Fri, 18 Feb 2022 13:47:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
7c4ba33482794b59c27a4997518ab222f126d97d9601a6375d7793fc9c7d3a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"791 / 966 of 1000 / last-modified: 1613995820"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19560
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:07 GMT
pcmag_navlogo.png
uk.pcmag.com/s/pcmag/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk.pcmag.com/s/pcmag/pcmag_navlogo.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4eff198a38b748af2e3b6e0630a3e4674d69642cc378c96b23962d0c80018f1d

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
last-modified
Sat, 26 Sep 2020 10:37:41 GMT
etag
"5f6f19f5-b32"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=23348090
accept-ranges
bytes
content-length
2866
expires
Fri, 19 Nov 2021 21:34:57 GMT
522190-matthew-humphries.jpg
assets.pcmag.com/media/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pcmag.com/media/images/522190-matthew-humphries.jpg?thumb=y&width=85&height=85?thumb=y&width=180
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ea4929daf2c6a8f2b4fc57aac26f0e4f568e6658621d7562424de264af78364

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

prxy
PROXY01-R2
x-amz-version-id
null
last-modified
Thu, 03 Nov 2016 19:38:02 GMT
x-amz-request-id
4FAC9FC9FDA508AE
etag
"0359a5a708aa13cd8d6ca03fb6a49530"
content-type
image/JPEG
cache-control
max-age=604800
date
Mon, 22 Feb 2021 16:00:07 GMT
content-length
2138
x-amz-id-2
Zzd2UB5CB6nA/Qezw2H7pS+KZzosoep8UQRR7tytwSEsFs5DScUbNy5HTbSCffDszscoNt150vs=
expires
Mon, 01 Mar 2021 16:00:07 GMT
l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?fvd=n7&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
53f3935b185e0bef573c305468c9386e77590db8182dff6837508803bb7abd83

Request headers

Origin
https://uk.pcmag.com
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
server
nginx
etag
"9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
39328
l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?fvd=n5&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dc4d221c0a55d4986ad8bc0ecab574e7eb40db719a6030127615968ec27f4cb9

Request headers

Origin
https://uk.pcmag.com
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
server
nginx
etag
"aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
39696
l
use.typekit.net/af/81a344/00000000000000003b9b2d0a/27/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/81a344/00000000000000003b9b2d0a/27/l?fvd=i7&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7f9e9939f4daa87d45b3ab1cc67fde1d1044e0dff5816f4819699894b657ed5e

Request headers

Origin
https://uk.pcmag.com
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
server
nginx
etag
"52053c2833724f80d7cce491711f9c11076be75d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
43360
l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?fvd=n6&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5bd5a6698812259b3bddd35af61ed552dbb2748dc988e9053b4463a2bfc8b64d

Request headers

Origin
https://uk.pcmag.com
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
server
nginx
etag
"3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
38940
522190-matthew-humphries.jpg
assets.pcmag.com/media/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pcmag.com/media/images/522190-matthew-humphries.jpg?thumb=y&width=85&height=85
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ea4929daf2c6a8f2b4fc57aac26f0e4f568e6658621d7562424de264af78364

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

prxy
PROXY01-R2
x-amz-version-id
null
last-modified
Thu, 03 Nov 2016 19:38:02 GMT
x-amz-request-id
2A17B4FE701F06F8
etag
"0359a5a708aa13cd8d6ca03fb6a49530"
content-type
image/JPEG
cache-control
max-age=604800
date
Mon, 22 Feb 2021 16:00:07 GMT
content-length
2138
x-amz-id-2
JGBMMMEfOSVpH9f4p0fEg1Dv10CnVedrTr3MFAGFffvlebPbZMGV3oCD/chv1Vp8xanjr7/1Sao=
expires
Mon, 01 Mar 2021 16:00:07 GMT
social-share.js
uk.pcmag.com/s/pcmag/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/s/pcmag/social-share.js?392
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
351ddf8de16c0e9529a22c9d615d64a614a422e742bd61198a17c580df1db8c9

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:42:50 GMT
etag
W/"602e6eda-16393"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31182598
content-length
29074
expires
Fri, 18 Feb 2022 13:50:05 GMT
silver-sparrow-malware-discovered-on-30k-infected-macs_5xf9.1920.jpg
sm.pcmag.com/t/pcmag_uk/news/s/silver-spa/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sm.pcmag.com/t/pcmag_uk/news/s/silver-spa/silver-sparrow-malware-discovered-on-30k-infected-macs_5xf9.1920.jpg
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c149e7c3c14d02289c0fcee794b24d7bb2b2bf700798f9415122dc218e43fbd3

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
last-modified
Mon, 22 Feb 2021 12:23:58 GMT
content-type
image/webp
cache-control
private, max-age=31523787
accept-ranges
bytes
x-webp
/im.ziffdavisinternational.com/t/pcmag_uk/news/s/silver-spa/silver-sparrow-malware-discovered-on-30k-infected-macs_5xf9.1920.jpg.webp
content-length
49936
expires
Tue, 22 Feb 2022 12:36:34 GMT
icong1.png
c.evidon.com/pub/ 		600 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.79.153.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-153-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1558455261"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
footer_zdworld.png
uk.pcmag.com/s/ 		890 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk.pcmag.com/s/footer_zdworld.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f89e0647be96ce565ccbc8db04c2dfde8d1746d0982c7fd377fb332d00c52e0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
last-modified
Fri, 15 May 2020 13:37:59 GMT
etag
"5ebe9b37-37a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=23348103
accept-ranges
bytes
content-length
890
expires
Fri, 19 Nov 2021 21:35:10 GMT
z0WVjCBSEeGLoxIxOQVEwQ.min.js
cdn.static.zdbb.net/js/ 		83 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
793ee28befd8d5e8e63fb3f6abe7448e5c8c585eb745847d01db0230d83ee64d

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
LAHCYDcs6fGMk37t125e00J4ov8kpJBB
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 14:58:00 GMT
x-amz-request-id
A0122AEF055E8C43
date
Mon, 22 Feb 2021 16:00:07 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
24046
x-amz-id-2
FRkiH3pk8AAam5BjMmJQFcQUhvlT4Tn7J+hwfRw6sbnRpogZ+FNOD5e6B9cG9WYhdd3WihRFz7A=
expires
Mon, 22 Feb 2021 17:00:07 GMT
collect
www.google-analytics.com/j/ 		4 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1129465775&t=pageview&_s=1&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=703261736&gjid=1993735736&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&_r=1&_slc=1&z=1581993890
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=2&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=template&ea=News&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=954138278
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Feb 2021 23:01:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61133
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=3&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TAG&ea=software-services&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=17517130
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 04:40:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40757
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=4&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TAG&ea=homepage&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=1984603929
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 07:22:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31029
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=5&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TAG&ea=operating-systems&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=67147079
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Feb 2021 18:28:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77493
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=6&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TAG&ea=article&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=1159059521
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Feb 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73122
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1129465775&t=event&ni=1&_s=7&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ul=en-us&de=UTF-8&dt=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TAG&ea=macos&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1708592404.1614009608&tid=UA-48039815-1&_gid=1901585472.1614009608&z=1592545537
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 08:30:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26961
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid3.24.0.js
uk.pcmag.com/s/js/ 		296 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/s/js/prebid3.24.0.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/zad.js?392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
895677130a22a616ba48a80d3531d374dc260769b1decf68da3706b71dd45753

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 15:19:49 GMT
etag
"5f282b15-4a06c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23329287
content-length
93996
expires
Fri, 19 Nov 2021 16:21:34 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&c9=&cs_ak_ss=1
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_ucfr=1&ns__t=1614009607858&ns_c=UTF-8&cv=3.5&c8=Silver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&c7=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
country.js
c.evidon.com/geo/ 		299 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/zdconsent.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.79.153.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-153-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
last-modified
Sat, 14 Mar 2020 22:02:45 GMT
server
AkamaiNetStorage
etag
"1503f70c7bb024bac76b917ae38a7af3:1584223365.978506"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
209
pubads_impl_2021021101.js
securepubads.g.doubleclick.net/gpt/ 		289 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Feb 2021 09:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103545
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:08 GMT
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885&ja=1
44 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885&ja=1
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.118.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-806031h&cg=0&cc=1&si=https%3A//uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs&rp=&ts=compact&rnd=1614009607885&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
cookienotice.js
uk.pcmag.com/ 		0
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uk.pcmag.com/cookienotice.js?392
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/bundle_pcmag.js?392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.pcmag.com *.ampproject.org *.zdbb.net *.disqus.com widgets.ign.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.pcmag.com *.ampproject.org *.zdbb.net *.disqus.com widgets.ign.com;
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:46:02 GMT
x-frame-options
SAMEORIGIN
date
Mon, 22 Feb 2021 16:00:07 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
max-age=7422576
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
20
x-xss-protection
1; mode=block
expires
Wed, 19 May 2021 13:49:43 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/bundle_pcmag.js?392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2888
etag
W/"b952f25ea8995726c8678b65dfe57a51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6259eb117ec94a56-FRA
cf-request-id
086c113eee00004a56331d7000000001
expires
Mon, 22 Feb 2021 17:00:07 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/bundle_pcmag.js?392
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.236.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Mon, 01 Feb 2021 19:39:43 GMT
Server
nginx/1.15.8
ETag
W/"601858ff-cae3"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Mon, 22 Feb 2021 16:00:07 GMT
Connection
keep-alive
Content-Length
16039
Expires
Mon, 01 Mar 2021 16:00:07 GMT
85f28425-6f28-464b-80f0-545fb7018a84
player.ex.co/player/ 		570 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/bundle_pcmag.js?392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60df4ed2e8aceb068d0b5c2c63acbcefb76fe346ce1b3b0cbd6e6989962cd662

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
age
5550
x-cache
HIT
access-control-max-age
600
content-length
178025
x-served-by
cache-hhn4031-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1614009608.006076,VS0,VE0
etag
W/"8e958-f0wEcf/3OpHzB84PaHlajgKY8g8"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
2
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/bundle_pcmag.js?392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
UBNSDGrSr88F/kWa2tuxWI7o9TdfJkdjuHeNPvgAZG494+17fLupfGN5AkgGJGFNGP/VK/Dz1yLuhPwmrbz4VQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 22 Feb 2021 16:00:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/pcmag/social-share.js?392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6241
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67c34443f3670b6eaab5d7a3f7692b637c1f2367bb957be6cb397247853d9a9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb0ae904500721030f2e51629446c468abbd30251539695d56eb2f7454ca28e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
224508e5c95577c33b08c250f64d8ab69e2a4719e97cb7aaf760e35c3b85e736

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de6c4dcf1ac4ded78139ea8f01792bcc6b2fbd949cfdab2c5a761bca8a5c498d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
count.json
api.pinterest.com/v1/urls/ 		132 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&callback=this.pinterestCallback
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/pcmag/social-share.js?392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9709bc89c6d2e099bf95a95c489a867f8995fcda45c5e102191844c14e3f2036
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
x-content-type-options
nosniff
x-cdn
fastly
age
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
1
x-pinterest-rid
8391162303521357
content-length
132
expires
Mon, 22 Feb 2021 16:15:08 GMT
/
graph.facebook.com/ 		231 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&callback=this.facebookCallback
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/pcmag/social-share.js?392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bbf45b159c481fc534138527cac99d314213d0d8a338cd9dd97a7f8208bc512b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1003338758
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
171
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ggnHNcfTy8pcDDVfW85a4i77wT62wQlm65YVFmgQGQiQnKEwkB7AZ67B7NOLfc2IG/7m7PRZRj/4dpTLLlvqFA==
x-fb-trace-id
DJjBykJLq0p
date
Mon, 22 Feb 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AIAcjqk2v3-ffCSj8W28yaO
cache-control
no-store
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&format=jsonp&callback=this.linkedinCallback
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/pcmag/social-share.js?392
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-48039815-1&cid=1708592404.1614009608&jid=703261736&gjid=1993735736&_gid=1901585472.1614009608&_u=IEBAAEAAAAAAAC~&z=258829217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 22 Feb 2021 16:00:08 GMT
content-type
text/plain
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
info
gurgle.zdbb.net/
Redirect Chain
  • https://gurgle.pcmag.com/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fp=1
  • https://gurgle.zdbb.net/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fpx=1
237 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fpx=1
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.200.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3d3db159f520c69a3486a65416c5c63d80ca0c211477a6228055be3335e08e35

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
null
date
Mon, 22 Feb 2021 16:00:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
237
access-control-allow-methods
GET, OPTIONS
content-type
application/json

Redirect headers

date
Mon, 22 Feb 2021 16:00:08 GMT
location
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&fpx=1
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://uk.pcmag.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
0
integrator.js
adservice.google.ch/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3673414383207411&correlator=2688337997958141&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069918%2C21065724&vrg=2021021101&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210222&iu_parts=4585%2CPCMag.com_International%2CPCMAG_INT_OOP_stitial%2CPCMAG_INT_OOP_inpage%2CPCMAG_INT_inread&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=1x1%2C1x1%2C1x1&ists=7&prev_scp=oop_type%3DOOP_stitial%26pos%3DOOP_stitial%26position%3DOOP_stitial%7Coop_type%3DOOP_inpage%26pos%3DOOP_inpage%26position%3DOOP_inpage%7Coop_type%3Dinread%26pos%3Dinread%26position%3Dinread&eri=1&cust_params=ref%3D%26locationpath%3D%252Fmacos%252F131862%252Fsilver-sparrow-malware-discovered-on-30k-infected-macs%26gdpr%3D0%26tags%3Dsoftware-services%252Chomepage%252Coperating-systems%252Carticle%252Cmacos%26products%3D%26zdtopic%3Dhomepage%252Csoftware-services%252Csoftware%252Cservices%252Coperating-systems%252Coperating%252Csystems%252Cmacos%26companies%3D%26page%3Dros%26lang%3Den%26article_id%3D131862&cookie_enabled=1&bc=31&abxe=1&lmt=1614007658&dt=1614009608242&dlt=1614009607375&idt=815&frm=20&biw=1600&bih=1200&oid=3&adxs=1598%2C1598%2C1598&adys=0%2C1%2C2&adks=4173793638%2C1078255490%2C2743466315&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4392%7C1600x4392%7C1600x4392&msz=1x1%7C1x1%7C1x1&ga_vid=1708592404.1614009608&ga_sid=1614009608&ga_hid=1129465775&fws=0%2C0%2C0&ohw=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
fd8fd413a00a64f547f27df5754883091e5624a8b69ad412675680e541e736cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4227
x-xss-protection
0
google-lineitem-id
4910077359,4910077359,4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924689,138256970540,138256924656
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
20180
stags.bluekai.com/site/ Frame 2B88 		71 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/20180?ret=html&phint=sections%3D&phint=userType%3D&phint=authors%3D&phint=__bk_t%3DSilver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&phint=__bk_k%3DHome%2C%20Software%20%26%20Services%2C%20Operating%20Systems%2C%20MacOS&phint=__bk_l%3Dhttps%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&phint=__bk_v%3D3.1.9&limit=10&r=18794997
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma
no-cache
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control
max-age=0, no-cache, no-store
BK-Server
73ae
Date
Mon, 22 Feb 2021 16:00:08 GMT
Connection
keep-alive
322220058389212
connect.facebook.net/signals/config/ 		241 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/322220058389212?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c54847eaed3dd4fd66967a2bedc95b625ef34f6e23196335f7a505b6c241468
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70974
x-fb-rlafr
0
pragma
public
x-fb-debug
ImrEtcuaux+kkRf75oSe+0Q1swcxSj8fCzGj+BFspiTNHGvLSMvtvdhlLa9bEutBkymsYT3tDR91XzpKzoSJlw==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Mon, 22 Feb 2021 16:00:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1953155542
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 15:03:39 GMT
server
ESF
date
Mon, 22 Feb 2021 16:00:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Feb 2021 16:00:08 GMT
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b571 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxu1dKx6LlJTShyUwnH-A8MNGa0Uc6ftZ309G_-PcBZA5zvnETlHpLPodazavG4SLH2uWEOVwch5l9bsL9fxLc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 22 Feb 2021 16:05:08 GMT
truncated
/ 		548 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		478 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		365 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
85f28425-6f28-464b-80f0-545fb7018a84_1612184236399.png
cdn.playbuzz.com/logos/ 		20 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/85f28425-6f28-464b-80f0-545fb7018a84_1612184236399.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
192cadf7cd2ac89341d828514022ecd009550d029d615464e9e740409f434ad0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 12:57:17 GMT
server
AmazonS3
etag
"d029c0c437753341893d57c9633af9a9"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
19237
AVmanager.js
player.aniview.com/script/6.1/ Frame 4B73 		330 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:4bc::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
27f134473172d14cd47354c8f5d5471b58b392adc74da3ce4616b17655033c97

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uwy3EFL7k_PBNqC2n4PTfirVIazT9oJTH7og4w1OaUxSyPts3R4XUXjk-6LpX9F4L6VWz9sT2OYJt5SkGWIZkVrGXPF7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95508
last-modified
Tue, 16 Feb 2021 14:44:45 GMT
server
UploadServer
etag
"d447c51bbdfe52658d6ed28dd532d206"
vary
Accept-Encoding
x-goog-hash
crc32c=Uzkbzw==, md5=1EfFG73+UmWNbtKN1TLSBg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1613486685436363
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95508
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 22 Feb 2021 16:05:08 GMT
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1614009608410&cid=6019260a91fd901a1a3118e8&cou=CH&AV_PAGE_LOAD_UID=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&AV_CDIM4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.166.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
truncated
/ Frame EE9E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7e85885b3b3d8ff8c3d1c65691518efd766eaf873ec72e2a8eefeb0660daa3e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2050 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610abac5f91364f99c4e961fa13445d771b1ff8275d3ce71734f4b079610286f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6213 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5bfe82e55d67ad0c94bc81efe21b32298adbb25186365201c6f7098122f3e65

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame EE9E 		826 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:42 GMT
x-content-type-options
nosniff
age
332306
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 19:41:42 GMT
view%3Fxai%3DAKAOjsv20ogOOW3qTrYkgvjtc7G1Iu3I2cRODOghe2BcuO6Fu-09b_bnAEo78M4vOe-3Q_UVewEP9FGx5OPHeJgfN81EKxbdMm4gYfyJRiLqy3Dww2M0qixxzRiOsYrhNydMP_doC7CDw5i8GyPD3BsuhLQNpEQctXGqrjcrjE1BzqrzgqWvnIrN...
securepubads.g.doubleclick.net/pcs/ Frame EE9E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsv20ogOOW3qTrYkgvjtc7G1Iu3I2cRODOghe2BcuO6Fu-09b_bnAEo78M4vOe-3Q_UVewEP9FGx5OPHeJgfN81EKxbdMm4gYfyJRiLqy3Dww2M0qixxzRiOsYrhNydMP_doC7CDw5i8GyPD3BsuhLQNpEQctXGqrjcrjE1BzqrzgqWvnIrNDfiefeCkCvlgnqu6y3hMer2vutUH7on3Wk74tCySg1YMEMpFs0qJBqIQsByDnDeivGI_PsCTSZW1I2lCIqrn95pSGaORdx7QzxdVGmPFSM1Ev-zSO6lJb1d0CSPGID71V7g1_JNbbtq2hvM-OZyuNNvCjCvu%26sai%3DAMfl-YQVR0ztJA2vq7Ud-osYMEqnjbb7QAVNGYakAnAWk5GV5dXUemE84cvNaE8EFhmqJWNr23RQUUiUWB4_K4C_n68A63IB0j6y3TT84CT3olNpQgbx-X9wRLzxC3C52rM%26sig%3DCg0ArKJSzLVsWismTsq_EAE%26urlfix%3D1%26adurl%3D
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:08 GMT
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 2050 		826 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:42 GMT
x-content-type-options
nosniff
age
332306
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 19:41:42 GMT
view%3Fxai%3DAKAOjsvMQPa3VSVEQMHfHYLwfmoBbi-7byG7zn8TeSgLGruraWnYgkSjOaIrZ_V8TvKGjc2rHCbtiSUFm0Vk58BvXIq4-emxgrZt5dzNBBeWUq60397h242L-lVT1-SHZuHO-sb0ndw3wKVfPjZZi3TZj2b8zDZ0K3OMC-MUR6VLlI6ubxLSX6MS...
securepubads.g.doubleclick.net/pcs/ Frame 2050 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvMQPa3VSVEQMHfHYLwfmoBbi-7byG7zn8TeSgLGruraWnYgkSjOaIrZ_V8TvKGjc2rHCbtiSUFm0Vk58BvXIq4-emxgrZt5dzNBBeWUq60397h242L-lVT1-SHZuHO-sb0ndw3wKVfPjZZi3TZj2b8zDZ0K3OMC-MUR6VLlI6ubxLSX6MSdbfqIZ9YcqRNC73VDN7yUnNAc2o3XKJsQKF3Ol9jjTDtqGnj8b9z3uwbOK_Sdqt0aEvlJztfanno7ULngfHGDZ49liNUeLPieTNGE27FpRupfJn5A--eUtvNnHxiHTwDQLzZjPkBFkUWBG3b5ld9TTF3vpE%26sai%3DAMfl-YSvaj4sxvZKetNgYE-TCThUMENQ6pIzgbW8MUHlpY6EuVu44PnnTACjpjwJFzjq-KajaVnM-TSEPbS48l0WlqDq2TJAIH_qRg3BrnvELWvghDemumTs5yALUIBOvF4%26sig%3DCg0ArKJSzA5ER6Gpt5kEEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:08 GMT
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 6213 		826 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:42 GMT
x-content-type-options
nosniff
age
332306
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 19:41:42 GMT
view%3Fxai%3DAKAOjsur7DarlOiduYDVukhB1kEadSffciJc-16qAxHlulXRKoJTCkTvBYTYQ2R593_ICN_1WoSHCPcGVlVrWlsANQDr_ynh42uE2W6H3eWO4acsZmNQsF3OJ2Ovcz9i6MMCSKQaMZq10moYmME_p4cMolWlAWK10bGikKE7zRQPhGPpewOkMVz2...
securepubads.g.doubleclick.net/pcs/ Frame 6213 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsur7DarlOiduYDVukhB1kEadSffciJc-16qAxHlulXRKoJTCkTvBYTYQ2R593_ICN_1WoSHCPcGVlVrWlsANQDr_ynh42uE2W6H3eWO4acsZmNQsF3OJ2Ovcz9i6MMCSKQaMZq10moYmME_p4cMolWlAWK10bGikKE7zRQPhGPpewOkMVz2JU661lvUMjsRCVJXiDEUtXqM6D-LSzl4awBAkTgjkDyFJ5R8BAhhJDZrRlfUuv174jXghMfPatrSj5y6Qr2278ur_gBoeNSdkcV2FarkyF0NyshbLyZLeEpOY_X_9bnRCb59379xg4t9y0FaYpdIUA%26sai%3DAMfl-YR7QgyQFRBieYf_nu2tGFSYmZSe577j8JrjzUYTZQp8iiWR5YOiMavv4JxYncyCOXnM2BdIsJ3gycjDyTdlmPEQ1jPy0aJbYRgAMJqJL-izxZ3NxpLYD4_R45pyhpw%26sig%3DCg0ArKJSzCaE4K7z9V50EAE%26urlfix%3D1%26adurl%3D
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:08 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613767901381048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:08 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://uk.pcmag.com
Referer
https://fonts.googleapis.com/css2?family=Roboto&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
302490
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 03:58:38 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:09 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
6c12d9cb-adfa-4969-8afb-f71850816c7a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://uk.pcmag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		622 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9470&site_id=57242&zone_id=317282%3B518280%3B165524%3B317282&size_id=2%3B15%3B15%3B2&alt_size_ids=55%2C57%3B10%3B10%3B55&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&tk_flint=pbjs_lite_v3.24.0&x_source.tid=8ff71322-1cfc-4f5b-91f7-8b93f5b69c63%3B9964dde8-cc4b-4700-83e4-7e459134072f%3B87d1aaaf-158b-49a7-a22b-7c904979926c%3Ba63b93ee-87ad-4039-8545-fa19bb1cdcd1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=4&rand=0.36529201741224426
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1f3e83d448a2882dc68e6191ebf4ede43af6338592f43af3b615b0f1b6e0a6cc

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:09 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://uk.pcmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
622
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=26857488d4f1e3f;misc=1614009608820;us_privacy=1---;
adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536634/0/0/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536634/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=26857488d4f1e3f;misc=1614009608820;us_privacy=1---;
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=272a8b67e4f888f;misc=1614009608820;us_privacy=1---;
adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536635/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536635/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=272a8b67e4f888f;misc=1614009608820;us_privacy=1---;
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=28dea310e2b9504;misc=1614009608820;us_privacy=1---;
adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536644/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536644/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=28dea310e2b9504;misc=1614009608820;us_privacy=1---;
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=29f9a34a1b168e7;misc=1614009608820;us_privacy=1---;
adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536636/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-eu.adtech.advertising.com/pubapi/3.0/4900.1/6536636/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=29f9a34a1b168e7;misc=1614009608820;us_privacy=1---;
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/s/js/prebid3.24.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
bid
krk.kargo.com/api/v2/ 		0
0
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=322220058389212&ev=PageView&dl=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&rl=&if=false&ts=1614009608856&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614009608854.530409384&it=1614009608328&coo=false&rqm=GET
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 22 Feb 2021 16:00:08 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=uk.pcmag.com&sn=&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&ic=0&tgt=0&app=&wi=831&he=468&test=&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6019260a91fd901a1a3118e8&e=inventory&vi=0&cb=1614009608966
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		18 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?cou=CH&AV_PAGE_LOAD_UID=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&AV_CDIM4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6019260a91fd901a1a3118e8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=uk.pcmag.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=608965&AV_WIDTH=831&AV_HEIGHT=468&AV_CCPA=1---&cb=1614009609025
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.228.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f846fdb8d66b149cd8dcb996f062d88f1a7818985fe00a33f596dda6cdc38a79

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 11 Feb 2021 02:13:29 GMT
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
cfd0e579226e8c77cbeae64562a4e7892442a3b1b2a232a3c130e7c46d0cf090

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Status
200 OK
Connection
keep-alive
Content-Length
1077
X-Request-Id
2a22191376ede50c6658e1d2ab35a77a
X-Served-By
cache-wdc5526-WDC
Last-Modified
Mon, 22 Feb 2021 13:36:38 GMT
Server
cloudinary
X-Timer
S1614000990.074269,VS0,VE8035
ETag
"c443022b99d0e57e9b889b43b915da10"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549043
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=fe1a2e03-c59a-4d49-9111-6cf44589c766&zd_location=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&evidon_consent=undefined&third_party_consent=&fu=true
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.193.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-length
43
content-type
image/gif
eAAAAAAAAAAAAAAAAAAAAA
zdbb.net/n/ 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdbb.net/n/eAAAAAAAAAAAAAAAAAAAAA?tp=fbaoieljflkjslkwrkfbid&tpc=fb.1.1614009608854.530409384&zd_pageview_id=fe1a2e03-c59a-4d49-9111-6cf44589c766&zd_location=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&evidon_consent=undefined&third_party_consent=&fu=true
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.193.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-length
43
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		171 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3673414383207411&correlator=1491320631646121&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21068891%2C21069918%2C21065724&vrg=2021021101&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210222&iu_parts=4585%2CPCMag.com_International%2CPCMAG_INT_ATF_Leader%2CPCMAG_INT_ATF_mpu%2CPCMAG_INT_BTF_mpu%2CPCMAG_INT_BTF_footer&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C997x123%7C970x90%7C728x90&ppid=170af904493d4bb6817de2accfda1770&prev_scp=slot%3Dbillboard%26rfr%3Dfalse%26pos%3Datf%2Ctop%26npos%3D1%7Cslot%3Dhalfpage%26rfr%3Dfalse%26pos%3Dbtf%2Cbottom%26npos%3D1%7Cslot%3Dhalfpage%26rfr%3Dfalse%26pos%3Dbtf%2Cbottom%26npos%3D2%7Cslot%3Dfooter%26rfr%3Dfalse%26pos%3Dbtf%2Cbottom%26npos%3D1&eri=1&cust_params=ref%3D%26locationpath%3D%252Fmacos%252F131862%252Fsilver-sparrow-malware-discovered-on-30k-infected-macs%26gdpr%3D0%26tags%3Dsoftware-services%252Chomepage%252Coperating-systems%252Carticle%252Cmacos%26products%3D%26zdtopic%3Dhomepage%252Csoftware-services%252Csoftware%252Cservices%252Coperating-systems%252Coperating%252Csystems%252Cmacos%26companies%3D%26page%3Dros%26lang%3Den%26article_id%3D131862%26pageviewid%3Dfe1a2e03-c59a-4d49-9111-6cf44589c766%26zdid%3D5a0d01f4f05f2ab17b4207edb7874f20%26s%3D%26p2%3D8001%252C1100481%252C1200481%252C1100744%252C6953%252C1200744%252C1100058%252C1100699%252C6910%26zdbb%3D&cookie=ID%3D29b2d2ab60d1a435-22494bb98dba00db%3AT%3D1614009608%3AS%3DALNI_MZarcQL0oyAFOxrCo4KvszmYscN9Q&bc=31&abxe=1&lmt=1614007658&dt=1614009609130&dlt=1614009607375&idt=815&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1204%2C1204%2C302&adys=120%2C1282%2C1882%2C4233&adks=305664200%2C1559458739%2C3949853441%2C3511723887&ucis=4%7C5%7C6%7C7&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5009%7C300x1200%7C300x1200%7C1600x5009&msz=1600x250%7C300x600%7C300x600%7C1600x123&psts=AGkb-H-Jz1CFHKAH1y796wLJ_B6t_xxh3ldo6TN7ZlJV0dl4CC7wWlYctSzbepRywhDwj3eD5e6MbV5fbfE%2CAGkb-H-6YfnsLOgJJxPkh6EVjhqtPT4wkX5cako1tvW7ATzJxvVi3jJwdsmj9b-6kGAyzs1UL6Nxn4N9ZQc%2CAGkb-H-p3bESiF48hlpsneBK_MZtKRk57EBgx3izby0LIa52hm36sqSxgohf0fazKDH0-TZKNJLgDg&ga_vid=1708592404.1614009608&ga_sid=1614009608&ga_hid=1129465775&fws=0%2C512%2C512%2C0&ohw=0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ed099a5a927a0e20bd69317f049b42cbac8332ea3bef2116ce910be15fff83bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26554
x-xss-protection
0
google-lineitem-id
96127892,-1,96127892,96127892
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
41913316652,-1,54467904452,39236404532
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://uk.pcmag.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
6a2ad268cfdffbb9570afbe1bc223d1e47db6b5ea734f5d7af02f2f183f90048

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Last-Modified
Mon, 22 Feb 2021 13:35:44 GMT
Server
cloudinary
X-Timer
S1614001074.428795,VS0,VE1
ETag
"d62c89a751cd2e841aa1db183de1019f"
X-Served-By
cache-wdc5576-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549041
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1221
X-Cache-Hits
1
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/ 		50 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
6b2c97d29f9cad3f180c2d0f467df328a1c4b8f0e7a697932a6ca500c49089e9

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-51323

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Content-Range
bytes 0-51323/961620
Connection
keep-alive
Content-Length
51324
X-Served-By
cache-wdc5553-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:43 GMT
Server
cloudinary
X-Timer
S1614001075.598094,VS0,VE0
ETag
"fe0bc4598690f10bf22f8d08ceae1605"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549068
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
0c9ccc99-bd28-4ca3-b05c-715a76594d96
https://uk.pcmag.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://uk.pcmag.com/0c9ccc99-bd28-4ca3-b05c-715a76594d96
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
4ec68e819882c78534a832859b38091d9804aea1cf9f5c4c64d4fc77433133c1

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Last-Modified
Mon, 22 Feb 2021 13:35:55 GMT
Server
cloudinary
X-Timer
S1614001075.865143,VS0,VE1
ETag
"e109de2546746a39c2bef7c3e4665df6"
X-Served-By
cache-wdc5576-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548987
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1233
X-Cache-Hits
1
check
jogger.zdbb.net/ 		5 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jogger.zdbb.net/check?href=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.22.39 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=851035
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
5
zd-core-olt.min.js
bbstatic.pcmag.com/js/ 		844 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bbstatic.pcmag.com/js/zd-core-olt.min.js?v=5
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
SB5Zb.JQr3Vk6VrKr9DnOzFSowr6zF3N
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 14:57:59 GMT
x-amz-request-id
FA81DB1112F28638
date
Mon, 22 Feb 2021 16:00:09 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
464
x-amz-id-2
XGyzhq8mKOOjufY/AkVg2eoX6obnm8cd+MpuC4scNI/84H9fQdR66YZGI/D3cO6Nz2YeN2DRW9E=
expires
Mon, 01 Mar 2021 16:00:09 GMT
bk-coretag.js
bbstatic.pcmag.com/js/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bbstatic.pcmag.com/js/bk-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6de9ced41ed54dbfc4f51abfeb65d843bd8dd33a45cbb773ecf5f92d065dd52

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
HpjBQZRG__1jGVkV540oBSoZ9C5IJsUg
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 14:57:59 GMT
x-amz-request-id
58EEA95D8D17EB8C
date
Mon, 22 Feb 2021 16:00:09 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
13297
x-amz-id-2
JeO/Ta1Tu8d2V87w4xC573HSnuwAedFVcfNx0JHFCVbf8ILWLbGXKrPWtSlru4M6bLMb2XuNi20=
expires
Mon, 01 Mar 2021 16:00:09 GMT
krux-coretag.js
bbstatic.pcmag.com/js/ 		335 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bbstatic.pcmag.com/js/krux-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.234.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-234-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
o2JEkGunhRs73Op0GuV2hc5ayS5Hg8U0
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 14:58:00 GMT
x-amz-request-id
4A307EE6612FB271
date
Mon, 22 Feb 2021 16:00:09 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
255
x-amz-id-2
+gOAhqcTd2rm2/cKQkyxsP/7KG5pILHI3Du27JeS8WkAqIbaFHx29xf4k//ilgVLA+tw8FBx3NA=
expires
Mon, 22 Feb 2021 17:00:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a36c6bd5894ade963b5ad277d5ce55a7aa56a7795d45fb7f154fc7d04e8a224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6429
x-xss-protection
0
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		101 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
2d8b542c1c5ed917c99ce002e4e8e222d5302ce6bf42ed3f4443a9ada7017a68

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-103399

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Content-Range
bytes 0-103399/2225732
Connection
keep-alive
Content-Length
103400
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549080
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
/
www.facebook.com/tr/ 		0
105 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryTdy9mDBrGPKDbDaN

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 22 Feb 2021 16:00:09 GMT
content-type
text/plain
access-control-allow-origin
https://uk.pcmag.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:09 GMT
spgdj7g8u.js
cdn.krxd.net/controltag/ 		2 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by
Host: bbstatic.pcmag.com
URL: https://bbstatic.pcmag.com/js/krux-coretag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 22 Feb 2021 16:00:09 GMT
via
1.1 varnish, 1.1 varnish
age
977
x-cache
MISS, HIT, HIT
x-app-cache
MISS
x-age
0
content-encoding
gzip
content-length
22
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5130-BWI, cache-hhn4073-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1614009609.464348,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 178
30629
stags.bluekai.com/site/ Frame 2B88 		71 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/30629?ret=html&phint=site%3Duk.pcmag.com&phint=referer%3Dhttps%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&phint=bbseg%3D8001&phint=bbseg%3D1100481&phint=bbseg%3D1200481&phint=bbseg%3D1100744&phint=bbseg%3D6953&phint=bbseg%3D1200744&phint=bbseg%3D1100058&phint=bbseg%3D1100699&phint=bbseg%3D6910&phint=__bk_t%3DSilver%20Sparrow%20Malware%20Discovered%20on%2030K%20Infected%20Macs&phint=__bk_k%3DHome%2C%20Software%20%26%20Services%2C%20Operating%20Systems%2C%20MacOS&phint=__bk_l%3Dhttps%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&limit=10&bknms=ver=2.0,ua=d8bd5e10404670a7201877f317e1eb71,t=1614009609386,m=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,k=1,lang=07ef608d8a7e9677f0b83775f0b83775,sr=1600x1200x24,tzo=-60,hss=true,hls=false,idb=true,addb=undefined,odb=undefined,cpu=4b4e4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f8edebf2f8edebf2f8ede,notrack=,plugins=4b4e4ecaab1f1c93ab1f1c93ab1f1c93&r=36514322
Requested by
Host: bbstatic.pcmag.com
URL: https://bbstatic.pcmag.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
dae3
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
X-N
S
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F8B6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 22 Feb 2021 15:51:00 GMT
expires
Tue, 22 Feb 2022 15:51:00 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
549
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js
pagead2.googlesyndication.com/bg/ Frame F8B6 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dfZxd03ctMAtOzJA0awyJ9FYXT3-SPE4vneR-Lkp6e0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 12:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
13359
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6227
x-xss-protection
0
expires
Tue, 22 Feb 2022 12:17:30 GMT
cookiesyncendpoint
sync.aniview.com/ Frame DCD3
Redirect Chain
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP0a03af44-7527-11eb-887b-06d94a4d8262
  • https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP0a03af44-7527-11eb-887b-06d94a4d8262&verify=true
  • https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-length
0

Redirect headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18wj~1wmf;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 23-Feb-2022 16:00:09 GMT;Secure;SameSite=None APID=UP0a03af44-7527-11eb-887b-06d94a4d8262;Version=1;Domain=.yahoo.com;Path=/;Max-Age=26985590;Expires=Sat, 01-Jan-2022 00:00:00 GMT;Secure;SameSite=None APIDTS=1614009609;Version=1;Domain=.yahoo.com;Path=/;Max-Age=86400;Expires=Tue, 23-Feb-2021 16:00:09 GMT;Secure;SameSite=None A3=d=AQABBAnVM2ACEHOClwFq33uNkFJgZhoxPmcFEgEBAQEmNWA9YAAAAAAA_SMAAA&S=AQAAAo0_-Er34fzh96rBdd1vta4; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=6efhh39g37l89&b=3&s=rm; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-BGKbbrR1l2a04mwnF5Et.fodkWu1oEMV~UP0a03af44-7527-11eb-887b-06d94a4d8262
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 65A0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=77043
Expires
Tue, 23 Feb 2021 13:24:12 GMT
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6941576fd1e5c3ab682f6337679130abcfdca173c4ae3368d12849d5fe817ce3

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YDPVCR-5EZdYAaX5Qx7MVwAA; CMPS=3202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1728
Expires
Mon, 22 Feb 2021 16:00:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YDPVCR-5EZdYAaX5Qx7MVwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Feb 2022 16:00:09 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 May 2021 16:00:09 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 May 2021 16:00:09 GMT CMST=YDPVCWAz1QkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Feb 2021 16:00:09 GMT CMRUM3=296033d50905a00&276033d5090b40&516033d50905a0&c36033d50905a00&f16033d50905a00&696033d50905a0&e66033d50927600&2d6033d50905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Feb 2022 16:00:09 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 22 Feb 2021 16:00:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YDPVCR-5EZdYAaX5Qx7MVwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Feb 2022 16:00:09 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 May 2021 16:00:09 GMT
usync.html
eus.rubiconproject.com/ Frame 157A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KLGRNCO8-1Y-B68A; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tjCFRUZWfOQd2r4f5PmnhQaqTCqCKieGkTxzCtz/GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERs6owWuEKlcU66TGfmMWV7/AA==; audit=1|hLZGFuTafB3QuWFmMzHSD3p4/TMPY9Xw+1egRt6SQlYU9JRcABA9PB1QBF2UXcgqaNgdOVL2Yy+QZjN0KInHcNAPlTu0R9RN; ses15=; vis15=57242^1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131...
129 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609477&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://uk.pcmag.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690914&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609477&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://uk.pcmag.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131...
129 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609480&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://uk.pcmag.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:08 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1872210759263690927&pgdomain=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vph=468&vpw=831&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C%2CZiff+Davis+EMEA%2Cuk.pcmag.com&cbb=4009609480&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://uk.pcmag.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
s2s
s2s.aniview.com/api/adserver/ 		1 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=95117a8d898f2258260cfc4de9af055f_172315653&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1614009609342-925891584731-020540-007-008288&cou=CH&AV_PAGE_LOAD_UID=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&AV_CDIM4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6019260a91fd901a1a3118e8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=uk.pcmag.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=608965&AV_WIDTH=831&AV_HEIGHT=468&AV_CCPA=1---&cb=4009609481&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.2.212 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 11 Feb 2021 02:13:29 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 4B73 		243 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:4bc::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b6ddf48274bd04af2292ab4363ce45c514cad97b2092f40ba670c29c1a287d91

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyqTLlkhStQuOa1yAZMNVz_CPRGIm9EXInl7ZsD4DP3dodBfYtgLxtZgTPgksPIMBZtRd0erxqhKJjt1wEB9alRxjfLxQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
78485
last-modified
Tue, 16 Feb 2021 10:53:10 GMT
server
UploadServer
etag
"4a955913e8844f429b38ade7b912b780"
vary
Accept-Encoding
x-goog-hash
crc32c=rnkRlQ==, md5=SpVZE+iET0KbOK3nuRK3gA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1613472790520348
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
78485
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 22 Feb 2021 16:05:09 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468&nid=56ea678d181f46c76f8b45fb&ncid=6019260a91fd901a1a3118e8&e=request&cb=1614009609483&asid=6019260842581808e0130ea5%2C601926083804054202410299%2C5c18de8528a061035b671e18%2C5ee3d57071193a26344a4076%2C5ff1826de52e2f2dd148e0f4%2C5e9d5c4680b86937d23eb75b%2C5fcc9aaba63c2431742b91a6%2C5c18de8b073ef432d306911b%2C5fa2711a54dbb238c9289f7d&ofpr=%2C%2C%2C%2C3%2C1.2%2C2%2C%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://uk.pcmag.com
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f88fe5e5-a4f1-42ad-ab1c-a254b6bd81cb&nocache=1614009609565&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0016M00002FrnXbQAJ%2C1%2C95117a8d898f2258260cfc4de9af055f_172315653%2CZiff%20Davis%20EMEA%2Cuk.pcmag.com&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A831%2C%22h%22%3A468%7D%7D%5D%2C%22w%22%3A831%2C%22v%22%3A468%7D&auid=543669279&vwd=831&vht=468
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
via
1.1 google
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://uk.pcmag.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/217532/0/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://uk.pcmag.com
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:09 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		245 KB
245 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
eb022ac36b1bf57a195a1748c283f23c68ca410ed78a78154b177ac976dcda6c

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=103400-353815

Response headers

Date
Mon, 22 Feb 2021 16:00:09 GMT
Content-Range
bytes 103400-353815/2225732
Connection
keep-alive
Content-Length
250416
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549080
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
jload
pixel.adsafeprotected.com/ Frame 4EA6 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=51174092&chanId=187124372&placementId=96127892&pubCreative=41913316652&pubOrder=166163612&cb=1087763091&adsafe_par&impId=
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.144.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8661da35a849235b663a03e43f72bd3808f917e012686b4585e254bfd5c303a0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-server-name
app02.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B888 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZMwQVMaFGr_ojb4hZoIqVs5aHCVrE7FZ6K6xsaN883cx4SrMXrPsUB4T6cnSWXuCdbj_0LfB4mVQ7XEfFaLsPhw8RloBdRXn7llldWQpRgKHRKL1ZpeSWXwP1c8nodD--9j8TfHIUAL-qTgb5uiclO1ThO3nJlCcbn_FykzMIkpGuNOanZyLuu86Gvm4L6cJ39JoE_XxlTy-F6gOcZHg5ygI57K791nOjnC8C448VEtALHRLGGdgMoR9fj_miAYpNIjOTqI9ZMsnm35alOQ6nuO0-OrsKb9veZ8ebQKoz6JwXpHNxqjTRmtgwPC2-0zYkZ9bRZrQ&sig=Cg0ArKJSzJ5oukharC36EAE&adurl=
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame B888 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:58:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame B888 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:57:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B888 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613767888072973"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:09 GMT
l
www.google.com/ads/measurement/ Frame B888 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXHmzDPdv490tlh8f7nMlqf1TvOaDl3ZnLBl96sq8fqpzDYM5lv8Hw2Yj2C4mpOV5P0w2QfaWy-Fa-T1_GKaQhMkRHHg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
17722970540873164142
tpc.googlesyndication.com/simgad/ Frame B888 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17722970540873164142
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e137741ea4118803504bfa65a5a915a48776fa7bb6a43cbbbe19a3112c089d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 06:19:18 GMT
x-content-type-options
nosniff
age
466851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73435
x-xss-protection
0
last-modified
Wed, 28 Jun 2017 18:55:28 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Feb 2022 06:19:18 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032101070013000/ Frame D83E 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f59622e2b26255471d645d7d7f8d43af7ba7afcd7933e873bf6dd091b667e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502645
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53774
x-xss-protection
0
server
sffe
date
Tue, 16 Feb 2021 20:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b7a446e7a0853ea3"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Feb 2022 20:22:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032101070013000/v0/ Frame D83E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
470134
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Wed, 17 Feb 2021 05:24:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Feb 2022 05:24:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032101070013000/v0/ Frame D83E 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
420557
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Wed, 17 Feb 2021 19:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Feb 2022 19:10:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032101070013000/v0/ Frame D83E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
300869
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Fri, 19 Feb 2021 04:25:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 04:25:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032101070013000/v0/ Frame D83E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
332322
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 18 Feb 2021 19:41:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 19:41:27 GMT
css
fonts.googleapis.com/ Frame D83E 		6 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 14:32:29 GMT
server
ESF
date
Mon, 22 Feb 2021 16:00:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Feb 2021 16:00:09 GMT
css
fonts.googleapis.com/ Frame D83E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 15:15:53 GMT
server
ESF
date
Mon, 22 Feb 2021 16:00:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Feb 2021 16:00:09 GMT
truncated
/ Frame D83E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d31164652aa9b5f6644aaadfc19b8c8092c3a58a52faddf51ba2206a2a75c3

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame C5F1 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=51174092&chanId=187124732&placementId=96127892&pubCreative=54467904452&pubOrder=166163612&cb=506000332&adsafe_par&impId=
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.144.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0c67db883ea8997885a9891549e6390f7a7172cc11ec451628050207a6b5903c

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-server-name
app22.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4873 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsm-11L7__zuyVctIY3fSzRH1xI_MrpsVgUosjzgLygy7HxPt9VcqteXHzAybtmO-GSf6l6wl8BEqylsIXpWeTTVxbyG3G2cSSK6Dl0MTlSk13CSuIhk8RgF1U39GlkiT3b_zOhFZyPFFoLTZYyf7SAl3tH0Q47yPj0DOS9pfQVoD65AB578bTTtqyhAJcnzCo1cd_0MS5r_zX6wrmCyPpm-f9L_4Hx-Xv3Xj7V7CL8fMsTolWPqECmr4y-Siap-8NI7g4uHiZX5ZDgzXCv1uKrqAM6NZDg69x4NcFkLkSIADbTHnnyDNvd2_vTJ6Gc_B7Nr8&sig=Cg0ArKJSzAST0vRZ3vm-EAE&adurl=
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 4873 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:58:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 4873 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:57:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4873 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613767888072973"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:09 GMT
l
www.google.com/ads/measurement/ Frame 4873 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwK6MAsP2h9Ae7-UoiY-Sg2ykJQNdwF_c5EDD-XmVvXyHLqH_GK5v_jB4eov50NL6YIUeCIlJDNa01s6Ugvk2a-xgt7A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
14042000510175869888
tpc.googlesyndication.com/simgad/ Frame 4873 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14042000510175869888
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82a9fb9242941c851fd4f753cd80b527001df16d7aa894c02471aaa926b35600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 04:35:47 GMT
x-content-type-options
nosniff
age
300262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107421
x-xss-protection
0
last-modified
Thu, 29 Mar 2018 18:26:44 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 04:35:47 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13042548524435121770/ Frame D83E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13042548524435121770/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qlhJGOrkRSsGoay57q6hgfrGgb1Vg
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec7f73704bdc9197c0fd706b64b41757a2677e17b6c5ba4d106cf74913d3c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 03:14:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 19:11:18 GMT
server
sffe
age
391513
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22867
x-xss-protection
0
expires
Fri, 18 Feb 2022 03:14:56 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15296603749399069278/ Frame D83E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15296603749399069278/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qnEfDyySwhwVGLzZZUR0QuGvaNpVA
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f436785bc97f2355685eb63b307df687c1527dadccab91b321c2244e3633b809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 21:37:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Jun 2020 18:27:12 GMT
server
sffe
age
584564
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2474
x-xss-protection
0
expires
Tue, 15 Feb 2022 21:37:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D83E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cle0ICdUzYJvjC_yg7_UP29m32Abd1r-_Yci84P7xDN2Xt4wBEAEg5c_rFmD1lc6B4ASgAfW-0csCyAEG4AIAqAMByAMKqgSdAk_QIHhzXnRx9YfEE-7AzePj0D8Tops7iMZjmuSZvRX9yGgYj8imSw0GPKuSlByc5QZC-C8FIoheqiiKvIeDX2ud5a0pnBToRqZm7PB68z8brVfPM-vhR2_qRRhlWU4Nr5ujSE-DqQ0dm2jj-bpwXcjNTRB0LGm3J4KH88b-xd18Vm8EbHQJQg7Xo5DhOgfphm_FLppcdxfes10O2Bx5k1lJRV8QJ6ho7QTm6IQYL_SYJlP_mY01g0alU6YO_DUZ33EVlWA7gzifuVGeUzsYJjFKGm95adlymeHdErM1WINAq9DCee8PSQCWs8mxY10YQ5HcVsNHE9Hbc4v1EE1z6_6dZRIEtE5QpPb5eRFmZ5cHhf9cMmoi5-fni8l-tsAE2PSj77cD4AQBkgUECAQYAZIFBAgFGASgBjeAB_PArrQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPjGBdIIBwiAYRABGB2ACgPICwHYEwqyFxoKGAgAEhRwdWItOTkxNDk5MjkxNDkxMDg0Nw&sigh=EHDX-f2mZeM&template_id=492&tpd=AGWhJmtLkQjwb6EoQFsoS90BiTWxwRxBIkY7iU3DJo2CiAn-Nw
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D83E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Feb 2021 23:19:19 GMT
x-content-type-options
nosniff
server
cafe
age
60050
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 22 Feb 2021 23:19:19 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D83E 		295 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63784
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Feb 2021 22:17:05 GMT
truncated
/ 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:09 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:09 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:09 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D83E 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://uk.pcmag.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 05:52:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
295655
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 19 Feb 2022 05:52:34 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D83E 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://uk.pcmag.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
300870
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 04:25:39 GMT
truncated
/ Frame B888 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5270defcc3e90b56488faf76bd73bf69cd7ee772a3d6f145ea97ac6c66196747

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4873 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08fe691fefce659d5c56441de333212f935cce73f9a4b8c7d524d62ce4a3a5b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2590 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D1%26key%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D1%26key%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=151548
Expires
Wed, 24 Feb 2021 10:05:57 GMT
Date
Mon, 22 Feb 2021 16:00:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame B888 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDlE7siWEe8hTcgCIN-or-0IvG8gS1lPIKwwoKrjRIJWb4LjIc_jW08PY9OOyncVEzckabT1Li3XeImJrGvXs2cmVVZvDfQhYWrEAOEBNd-f-jSUJksZji_rk8a4TOcFNJrDjalyIUvYlDBGvSWbp1ZOJq1qiXkM_AV9wRE1qrbX-aKpwMjCkRgHDJ0MesFNbkmzeLfsxUFDH8jPukL-v9ofqPga8i_QGxRAc3NedtHWNFEHoLNH2BPCd5InZaHCeBpzFAKhMsluTiR5kK7JwKazQRmVvUVQ--1E8P2cPhrdtI8GOwYFC_yZh0g-tbzai4bMKrfr7JMQ&sig=Cg0ArKJSzLLww3m1Nu6bEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4873 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjuiIZDdOZoeONmmhWFiFm0dUcAvSpjX4p6vIcAlOx8rqrIE-IeYmbS-KV4ubg55Ij7Ig0r0oihnj6EqHud5xpVd_MOdZCTX7iOCvOjmAwBCxDJNKC2TSPD9hL_vdC_Y7s51N1LrZQRHlhGRWkrK4Rr289xi07nCMyDNExGwfyLh8O_9iEF0XN2L8VE5xUsUFJyy_9gGtKMOeOu3SWIJ2X_zXcrw7VhmoBxlt-MMdNH-A1_cIZjzjRW8TO0VN5YcwU0NcBAHXTjVC_Ug6BOor_Gf5VJwl1Aj5q06NhynVjhf_cpRueXZF1RosRdQAfwMiH-f5isQ&sig=Cg0ArKJSzIkhIb_3yAByEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1DF7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YDPVCR-5EZdYAaX5Qx7MVwAA&cm_dsp_id=39
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.237.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDPVCR-5EZdYAaX5Qx7MVwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR6cOmK25S2Sv166zSnFPA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR6cOmK25S2Sv166zSnFPA&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 22 Feb 2021 16:00:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELR6cOmK25S2Sv166zSnFPA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1DF7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDPVCR_5EZdYAaX5Qx7MVwAABGcAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFTufj9exooHH8jUPo8Ex1g&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFTufj9exooHH8jUPo8Ex1g&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 22 Feb 2021 16:00:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFTufj9exooHH8jUPo8Ex1g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e&C=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 22 Feb 2021 16:00:10 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c2d0ee2-5895-46df-9205-2d52abf5d92e&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Mon, 22 Feb 2021 16:00:10 GMT
bridge
cm.adgrx.com/ Frame 1DF7 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 22 Feb 2021 16:00:10 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 22 Feb 2021 16:00:10 GMT
server
nginx/1.18.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame 1DF7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=6e--krvqvcDy77XC7-igxbq6v5Xy7O6Y772Zhgft
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=6e--krvqvcDy77XC7-igxbq6v5Xy7O6Y772Zhgft
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 22 Feb 2021 16:00:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=6e--krvqvcDy77XC7-igxbq6v5Xy7O6Y772Zhgft
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 1DF7 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1614009609342-925891584731-020540-007-008288&biddername=42&key=YDPVCR-5EZdYAaX5Qx7MVwAA%261127
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614009609342-925891584731-020540-007-008288%26biddername%3D42%26key%3D&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468&nid=56ea678d181f46c76f8b45fb&ncid=6019260a91fd901a1a3118e8&e=bid&cb=1614009610015&asid=6019260842581808e0130ea5%2C601926083804054202410299%2C5ee3d57071193a26344a4076&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D83E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 22 Feb 2021 16:00:10 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 157A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26399
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Mon, 22 Feb 2021 23:20:09 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13042548524435121770/ Frame D83E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13042548524435121770/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qlhJGOrkRSsGoay57q6hgfrGgb1Vg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec7f73704bdc9197c0fd706b64b41757a2677e17b6c5ba4d106cf74913d3c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 03:14:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Mar 2020 19:11:18 GMT
server
sffe
age
391514
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22867
x-xss-protection
0
expires
Fri, 18 Feb 2022 03:14:56 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15296603749399069278/ Frame D83E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15296603749399069278/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qnEfDyySwhwVGLzZZUR0QuGvaNpVA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f436785bc97f2355685eb63b307df687c1527dadccab91b321c2244e3633b809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 21:37:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Jun 2020 18:27:12 GMT
server
sffe
age
584565
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2474
x-xss-protection
0
expires
Tue, 15 Feb 2022 21:37:25 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D83E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Feb 2021 23:19:19 GMT
x-content-type-options
nosniff
server
cafe
age
60051
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 22 Feb 2021 23:19:19 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D83E 		295 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63785
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Feb 2021 22:17:05 GMT
main.gr.19.8.168.js
static.adsafeprotected.com/ Frame 4EA6 		178 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.168.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=51174092&chanId=187124372&placementId=96127892&pubCreative=41913316652&pubOrder=166163612&cb=1087763091&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73a087a010b8892350ba8ad31513f69291e6e24c5e6284aab77be74806d8d3a7

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:24:34 GMT
content-encoding
gzip
age
2137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 Feb 2021 15:09:19 GMT
server
AmazonS3
etag
W/"4dbbbbb80ee8e7f05ec22189f21d8ecd"
vary
Accept-Encoding
x-amz-version-id
1mtuEeLUey_D9G8EhcUNEdTnX3zfBAON
via
1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
I8d5qnsCfOpy0PVTIkAKmvMLShVIgDVeBRepFrNniZcp7P8KFPZMzg==
main.gr.19.8.167.js
static.adsafeprotected.com/ Frame C5F1 		178 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.167.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=51174092&chanId=187124732&placementId=96127892&pubCreative=54467904452&pubOrder=166163612&cb=506000332&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99b2e12efbe13d844c223f6bd7c52cc4f0bdd2f7f7b25f5b6b83857b6067e5ea

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 18:22:33 GMT
content-encoding
gzip
age
337057
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Feb 2021 18:04:04 GMT
server
AmazonS3
etag
W/"7789f7ae0739d75e9add85b2e0f229e7"
vary
Accept-Encoding
x-amz-version-id
BIONpuq56DRJmlS2PE0H3Pxa9Dx9D239
via
1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
qbmZy8FFpDMk3kzXFv0NNJAb_-HHsyVjJeMIkBEZmwaa8V0cGigOwg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 76FD 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114825
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 91FF 		326 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114825
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7694 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114825
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2590 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c6f09b5e0a8818d04d7ce12d9aec5177b4b6119b99deb944f4ccfa0f206a1172

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:08 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:10 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		208 KB
209 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
90ad6d012156e856030c2ed11488e2c82d716d7a518b2bfb652dd55ea3ddb70c

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=353816-567007

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
Content-Range
bytes 353816-567007/2225732
Connection
keep-alive
Content-Length
213192
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549079
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
sca.17.4.114.js
static.adsafeprotected.com/ Frame 7422 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:17:08 GMT
content-encoding
gzip
age
3368582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
W/"e456dd0e5be3c2494dd734db6c5b965c"
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
NIa2gRTtmT83w_GTKQiVkYV46B2oz-7pleic6ApN6IZq4Ukbeyaa5w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=7529&campId=728x90&pubId=51174092&chanId=187124372&placementId=96127892&pubCreative=41913316652&pubOrder=166163612&cb=1087763091&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&adsafe_type=abdfq&adsafe_jsinfo=,id:4dc8a202-afab-2be4-497e-47346f25a449,c:4Yca75,sl:inView,em:true,fr:true,mn:app02ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d1|1e|1f|1g,idMap:1b*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:210,oid:0a09c99a-7527-11eb-b874-02c790015d1e,v:19.8.168,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.144.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.4.114.js
static.adsafeprotected.com/ Frame DA3F 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: uk.pcmag.com
URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:17:08 GMT
content-encoding
gzip
age
3368582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
W/"e456dd0e5be3c2494dd734db6c5b965c"
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
iACk3n4pBkGqbRX5-TtXaK68aWvUhUVP--24HbHR6WV1ISf6-5Qybw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=7529&campId=300x250&pubId=51174092&chanId=187124732&placementId=96127892&pubCreative=54467904452&pubOrder=166163612&cb=506000332&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&adsafe_type=abdfq&adsafe_jsinfo=,id:c1e29b97-4561-9eb7-14f0-c14dfb489b36,c:4Yca8k,sl:outOfView,em:true,fr:true,mn:app22ie,pt:1-5-15,wc:0.0.1600.1200,ac:1204.1882.300.250,am:i,cc:1204.1882.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:spLlQ66+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b1|1b2|1c|1d*.7529|1d1|1e|1f|1g,idMap:1d*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:284,oid:0a0a1800-7527-11eb-825b-06da572054ee,v:19.8.167,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.144.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Yca8T,pingTime:0,time:321,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:321,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[177~100],as:[177~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
check_c
zdbb.net/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zdbb.net/check_c
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.193.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ziff Davis BuyerBase /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
Ziff Davis BuyerBase
p3p
CP="ALL DSP COR NID"
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
0
expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 36CB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=6E401453-64A9-4385-B8A7-DD2DDC32D731; chkChromeAb67Sec=1; DPSync3=1615161600%3A201_227_226_221; SyncRTB3=1614556800%3A67_2_15%7C1615161600%3A161_55_189_54_8_78_220_13_22_222_21_7_71_3_204_5_56_81_99_165_223_166_88_176%7C1614816000%3A63%7C1616544000%3A203%7C1615248000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=151547
Expires
Wed, 24 Feb 2021 10:05:57 GMT
Date
Mon, 22 Feb 2021 16:00:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame C920
Redirect Chain
  • https://u.openx.net/w/1.0/pd?us_privacy=1---
  • https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
668 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
25cdf021018456b62450b2f5d5dd4496d00d62a33d886de75aa5f978b81029cf

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=03801dff-b75b-47f8-8c36-9ba17f5cc848|1614009610
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=03801dff-b75b-47f8-8c36-9ba17f5cc848|1614009610; Version=1; Expires=Tue, 22-Feb-2022 16:00:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614009610|gekin0vNiygu; Version=1; Expires=Tue, 09-Mar-2021 16:00:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 22 Feb 2021 16:00:10 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=03801dff-b75b-47f8-8c36-9ba17f5cc848|1614009610; Version=1; Expires=Tue, 22-Feb-2022 16:00:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
date
Mon, 22 Feb 2021 16:00:10 GMT
content-length
0
via
1.1 google
alt-svc
clear
bridge3.443.0_en.html
imasdk.googleapis.com/js/core/ Frame C227 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.443.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192659
date
Thu, 18 Feb 2021 19:41:26 GMT
expires
Fri, 18 Feb 2022 19:41:26 GMT
last-modified
Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
332324
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 91FF 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
bridge3.443.0_en.html
imasdk.googleapis.com/js/core/ Frame 9F0E 		576 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.443.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192659
date
Thu, 18 Feb 2021 19:41:26 GMT
expires
Fri, 18 Feb 2022 19:41:26 GMT
last-modified
Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
332324
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 76FD 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
bridge3.443.0_en.html
imasdk.googleapis.com/js/core/ Frame 343A 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.443.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192659
date
Thu, 18 Feb 2021 19:41:26 GMT
expires
Fri, 18 Feb 2022 19:41:26 GMT
last-modified
Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
332324
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7694 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:10 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame FE3B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2171332683830403272
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2171332683830403272
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 15:41:02 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-2171332683830403272; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 15:41:02 GMT; path=/ PugT=1614008462; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 15:41:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 15:41:02 GMT; path=/
X-lat
Pug22075:0:249
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2171332683830403272
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1669 		43 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 22 Feb 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
823
x-powered-by
ASP.NET
date
Mon, 22 Feb 2021 16:00:17 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3A30
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRTdrN0FaNm9BQUJEWEx1UVFjdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACE7k7AZ6oAABDXLuQQcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5952543493786370114
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACE7k7AZ6oAABDXLuQQcw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5952543493786370114%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=5952543493786370114&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACE7k7AZ6oAABDXLuQQcw&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACE7k7AZ6oAABDXLuQQcw
42 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACE7k7AZ6oAABDXLuQQcw
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6932118520472926348; PUBMDCID=3; KRTBCOOKIE_409=22966-bivVlFwF9iLKI33i01nOWXGA&KRTB&23212-bivVlFwF9iLKI33i01nOWXGA; KRTBCOOKIE_107=1471-uid:BHCUr5Nr1LedDb5; KRTBCOOKIE_391=22924-8520028515291496594; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; PugT=1614009617
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 15:41:10 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_699=22727-AACE7k7AZ6oAABDXLuQQcw; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 15:41:10 GMT; path=/ PugT=1614008470; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 15:41:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 15:41:10 GMT; path=/
X-lat
Pug22076:0:240
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Date
Mon, 22 Feb 2021 16:00:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACE7k7AZ6oAABDXLuQQcw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3706
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6932118520472926348
42 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6932118520472926348
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6932118520472926348; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PugT=1614009617; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22069:0:310
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Mon, 22 Feb 2021 16:00:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6932118520472926348; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6932118520472926348
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 8C8A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bivVlFwF9iLKI33i01nOWXGA
42 B
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bivVlFwF9iLKI33i01nOWXGA
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_409=22966-bivVlFwF9iLKI33i01nOWXGA&KRTB&23212-bivVlFwF9iLKI33i01nOWXGA; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PugT=1614009617; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22010:0:334
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

server
openresty
date
Mon, 22 Feb 2021 16:00:17 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=bivVlFwF9iLKI33i01nOWXGA; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bivVlFwF9iLKI33i01nOWXGA
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C56C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6932118520472926348; PugT=1614009617; PUBMDCID=3; KRTBCOOKIE_409=22966-bivVlFwF9iLKI33i01nOWXGA&KRTB&23212-bivVlFwF9iLKI33i01nOWXGA; KRTBCOOKIE_107=1471-uid:BHCUr5Nr1LedDb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/ PugT=1614009617; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22033:0:476
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
Tengine
Date
Mon, 22 Feb 2021 16:00:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate
Expires
0
Pragma
no-cache
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag
OPTOUT
bridge
cm.adgrx.com/ Frame 77AF 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 3E31
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aYnoeUyKalVobWmaZaBZdZagSWGrZaVWfCZbGPZdB4mMEB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dd66c5f8b4732dc8e68e18b99066d3dc11614009611; expires=Wed, 24-Mar-21 16:00:11 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=alnsIHtZdPufm7SpBnAoMlZditJoMhZbAZbuomUqT1hbg6BaqZaNZaYaY5aZaanlZcKLD1NFmLZaPfbYTFPExf3SGFXQ0fNV3; path=/; domain=.tribalfusion.com; expires=Sun, 23-May-2021 16:00:11 GMT; SameSite=None; Secure; ANON_ID_old=alnsIHtZdPufm7SpBnAoMlZditJoMhZbAZbuomUqT1hbg6BaqZaNZaYaY5aZaanlZcKLD1NFmLZaPfbYTFPExf3SGFXQ0fNV3; path=/; domain=.tribalfusion.com; expires=Sun, 23-May-2021 16:00:11 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
086c114b4c0000cc563b9f9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6259eb25481dcc56-ZRH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-type
text/html
set-cookie
__cfduid=de9f341f681702e5ad3cad8204ce238281614009610; expires=Wed, 24-Mar-21 16:00:10 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aYnoeUyKalVobWmaZaBZdZagSWGrZaVWfCZbGPZdB4mMEB; path=/; domain=.tribalfusion.com; expires=Sun, 23-May-2021 16:00:10 GMT; SameSite=None; Secure; ANON_ID_old=aYnoeUyKalVobWmaZaBZdZagSWGrZaVWfCZbGPZdB4mMEB; path=/; domain=.tribalfusion.com; expires=Sun, 23-May-2021 16:00:10 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2191
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
086c114a790000cc563621a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6259eb23fcfdcc56-ZRH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame E264
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=knkG3Zm2zLqN&pid=557219
1 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=knkG3Zm2zLqN&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6932118520472926348; PUBMDCID=3; KRTBCOOKIE_409=22966-bivVlFwF9iLKI33i01nOWXGA&KRTB&23212-bivVlFwF9iLKI33i01nOWXGA; KRTBCOOKIE_107=1471-uid:BHCUr5Nr1LedDb5; KRTBCOOKIE_391=22924-8520028515291496594; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; PugT=1614009617
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22026:0:489
Content-Length
1
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
text/html; charset=utf-8

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-75d6d6d469-kxqmx
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=knkG3Zm2zLqN;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 17-Feb-2022 16:00:17 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=7554d27d633d15ef; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=knkG3Zm2zLqN&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 6B48
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 22 Feb 2021 16:00:17 GMT
via
1.1 varnish
x-served-by
cache-fra19183-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1614009618.802541,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 22-Feb-2022 16:00:17 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3fb505d1-1d4f-4712-9482-3145a25063e1-tuct72d5a91&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 22 Feb 2021 16:00:17 GMT
via
1.1 varnish
x-served-by
cache-fra19183-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1614009618.716148,VS0,VE58
x-vcl-time-ms
58
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 07CD
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1614009612143; TapAd_DID=0b769ff3-7527-11eb-b8dc-ae4ad7c33d24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date
Mon, 22 Feb 2021 16:00:12 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Mon, 22 Feb 2021 16:00:12 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1614009612143;Expires=Fri, 23 Apr 2021 16:00:12 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=0b769ff3-7527-11eb-b8dc-ae4ad7c33d24;Expires=Fri, 23 Apr 2021 16:00:12 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 42B4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BHCUr5Nr1LedDb5&gdpr=0&gdpr_consent=
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BHCUr5Nr1LedDb5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=57203172&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6932118520472926348; PugT=1614009617; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_107=1471-uid:BHCUr5Nr1LedDb5; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/ PugT=1614009617; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 24-Mar-2021 16:00:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22072:0:410
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 22 Feb 2021 16:00:16 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BHCUr5Nr1LedDb5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=BHCUr5Nr1LedDb5; Domain=.w55c.net; Expires=Tue, 22-Mar-2022 16:00:17 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Wed, 24-Mar-2021 16:00:17 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2590
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bkAUU2SpQ4W4p90t3DLXMQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bkAUU2SpQ4W4p90t3DLXMQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=77042
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 23 Feb 2021 13:24:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2590 		95 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6259eb222d1ec272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
086c1149550000c27297ae0000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 2590
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:15 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:15 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6E401453-64A9-4385-B8A7-DD2DDC32D731&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E401453-64A9-4385-B8A7-DD2DDC32D731&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E401453-64A9-4385-B8A7-DD2DDC32D731&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 22 Feb 2021 16:00:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6E401453-64A9-4385-B8A7-DD2DDC32D731&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU0MDE0NTMtNjRBOS00Mzg1LUI4QTctREQyRERDMzJENzMx&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU0MDE0NTMtNjRBOS00Mzg1LUI4QTctREQyRERDMzJENzMx&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-lat
Pug22015:0:1228
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnjVG4mWOFQy7DW9q4TTFs&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnjVG4mWOFQy7DW9q4TTFs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-lat
Pug22001:0:599
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnjVG4mWOFQy7DW9q4TTFs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2590 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 21 Feb 2021 16:00:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d1e756f-abce-4cb6-9bea-f851dba09aca
42 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d1e756f-abce-4cb6-9bea-f851dba09aca
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22035:0:470
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d1e756f-abce-4cb6-9bea-f851dba09aca
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8520028515291496594
42 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8520028515291496594
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 15:41:09 GMT
X-lat
Pug22076:0:2322
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:17 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8520028515291496594
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24ad6033-d50b-4200-9ad7-d444e7a3f355&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24ad6033-d50b-4200-9ad7-d444e7a3f355&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22054:0:492
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 22 Feb 2021 16:00:08 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24ad6033-d50b-4200-9ad7-d444e7a3f355&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Feb 2021 16:00:07 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=401048334689360585&gdpr=0&gdpr_consent=
42 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=401048334689360585&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-lat
Pug22055:0:780
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid
2810819c-4825-401a-aec9-2d4aceb4783d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=401048334689360585&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6E401453-64A9-4385-B8A7-DD2DDC32D731&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RxmiZpZ1l2Ljp7FX3kaJufKOslqjZWQ-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RxmiZpZ1l2Ljp7FX3kaJufKOslqjZWQ-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 22 Feb 2021 16:00:12 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 22 Feb 2021 16:00:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RxmiZpZ1l2Ljp7FX3kaJufKOslqjZWQ-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
6E401453-64A9-4385-B8A7-DD2DDC32D731
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2590 		43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6E401453-64A9-4385-B8A7-DD2DDC32D731?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=b5409027-e4d8-4ae2-b83e-8f15e7d09ad1&ssp=pubmatic&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cd2b2a5-ec3e-4230-9471-ea577ae0b6c1&gdpr=&gdpr_consent=&gdpr_pd=
1 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cd2b2a5-ec3e-4230-9471-ea577ae0b6c1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22017:0:589
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cd2b2a5-ec3e-4230-9471-ea577ae0b6c1&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 22 Feb 2021 16:00:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi9SqP9vhjqqutBpq6jS6T87E3q_rwY8Pjm9tUm
42 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi9SqP9vhjqqutBpq6jS6T87E3q_rwY8Pjm9tUm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-lat
Pug22031:0:616
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8fi9SqP9vhjqqutBpq6jS6T87E3q_rwY8Pjm9tUm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8477461954459000418&gdpr=0&gdpr_consent=&us_privacy=
1 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8477461954459000418&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22016:0:688
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8477461954459000418&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2590
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YDPVCwAAAKstWVZV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
1665
x-served-by
cache-hhn4031-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1614009612.573344,VS0,VE0
content-length
85
x-cache-hits
14109

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1614009611.446145,VS0,VE95
x-served-by
cache-hhn4031-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YDPVCwAAAKstWVZV
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d5098916-d31d-4fc7-a5dc-9fd352e31b35-6033d50c-4348&gdpr=0&gdpr_consent=
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d5098916-d31d-4fc7-a5dc-9fd352e31b35-6033d50c-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22036:0:2170
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d5098916-d31d-4fc7-a5dc-9fd352e31b35-6033d50c-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2590 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6E401453-64A9-4385-B8A7-DD2DDC32D731&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34608b61-e42d-4952-8882-a03a3d99ffce&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34608b61-e42d-4952-8882-a03a3d99ffce&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22036:0:780
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:34608b61-e42d-4952-8882-a03a3d99ffce&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 22 Feb 2021 16:00:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=401048334689360585
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:13 GMT
Cache-Control
private,max-age=86400
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Date
Mon, 22 Feb 2021 15:41:01 GMT
X-Cnection
close
X-lat
Pug22074:0:232
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
400
Content-Type
text/html; charset=iso-8859-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2590
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c5f7405e-7e56-4a34-bdaa-b275729c803d
42 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c5f7405e-7e56-4a34-bdaa-b275729c803d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:12 GMT
X-lat
Pug22072:0:510
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c5f7405e-7e56-4a34-bdaa-b275729c803d
date
Mon, 22 Feb 2021 16:00:12 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4YcaaL,pingTime:-2,time:437,type:a,im:{sf:0,pom:1,prf:{beA:496,beZ:498,mfA:635,cmA:636,inA:637,inZ:660,prA:660,prZ:676,si:706,poA:707,poZ:721,cmZ:721,mfZ:721,loA:818,loZ:821,ltA:933,ltZ:933}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{gca:true,gcd:{appl:0,cnst:1,glbl:0,mtdt:BO3ulHHO3ulHHASABAAADWAAAAAAAA},cca:true,ccd:{version:1,uspString:1---},gca2:true,gcd2:{appl:0,cnst:na}},clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:438,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[294~100],as:[294~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,slid:[google_ads_iframe_/4585/PCMag.com_International/PCMAG_INT_ATF_Leader_0,google_ads_iframe_/4585/PCMag.com_International/PCMAG_INT_ATF_Leader_0__container__,zad-billboard-1],sinceFw:226,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=c1e29b97-4561-9eb7-14f0-c14dfb489b36&tv={c:4Ycabd,pingTime:-2,time:461,type:a,im:{sf:0,pom:1,prf:{beA:430,beZ:432,mfA:655,cmA:657,inA:657,inZ:664,prA:664,prZ:698,si:714,poA:714,poZ:730,cmZ:730,mfZ:730,loA:763,loZ:765,ltA:866,ltZ:866}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:true,gcd:{appl:0,cnst:1,glbl:0,mtdt:BO3ulHHO3ulHHASABAAADWAAAAAAAA},cca:true,ccd:{version:1,uspString:1---},gca2:true,gcd2:{appl:0,cnst:na}},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:282}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:461,n:0,pp:0,pm:0},slEvents:[{sl:o,t:282,wc:0.0.1600.1200,ac:1204.1882.300.250,am:i,cc:1204.1882.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[232~0],as:[232~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b.7529|1b1|1b2|1c|1d*.7529|1d1|1e|1f|1g,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:[google_ads_iframe_/4585/PCMag.com_International/PCMAG_INT_BTF_mpu_0,google_ads_iframe_/4585/PCMag.com_International/PCMAG_INT_BTF_mpu_0__container__,zad-halfpage-2],sinceFw:152,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:10 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
integrator.js
adservice.google.com/adsid/ Frame 91FF 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 76FD 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7694 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 35A2 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:15:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D5BE 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:15:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=3673414383207411&bg=!ysmlyYrNAAXRs2QT0TsAKQB2-DxaKbJRkohBko5Qweqztt-DxoMKjQXUxZMHY_jAM1Yi1y5rZ89OAgAAAtJSAAAAr2gBBwoAxYb0oBqPUQ5XbnK1fV0hhpq7p8yXsOjehF0hg6mcNqJrJ_PA-tgKmKznazn1w9xROZD3gt4z6pIvgqFq9xgskERdAEkx_hFlq5HmaF6LiNESXdgdtU1gcDDKe7X2MZb2d26SCDRUIix98ZZYz2Cb46srYENC1jvTJXwUP-Z0jL3MKimzDC7Rs1ipc7_kPujPr-cVCmwO2t2MhzrXj-N3H-a7CfydcTSfgsbdtoIqKW1L0_mUKK7GmiVRTdCXUgh793xYwbEZmQHWTTe5z2ZByCcZrGFR---k5Db4mjaiEHWmdM_2AZoB7vjqZeY7RP4h6X7ZHpFuGRMqy4jrEoMjzbcWVapm3ZGQGrpaaRD5BvFcxpUxeBQRrqfHf8pNGpkZLJ3gKpDeIlnomkRjIgaaFr-prEVcB_8AQMvmcpBtMnVs7LX4cRjNV2LRIBRbWAxLzw4X6y_BY9l5IILKPrsREtYxf5PCFCylPHiR-WWLmrCgwLsBqVsJqR2_-ZBlRECmLeWBUhSGAv2HYdxMvCeMaSDhjvD6cs6Uu9EE5n12OYQeh73Wwr0jHwa8iwU8kT7htjLw54T7ATcJSOd0m30k-HNazcZsGpam4uYeFaJjcW2SFyj9hMelBP36n5Vxx7fvPNDpaWA2oWt8nPB44_WNPNeOSKRGVusvSUwRum761YKO1gyjzTY-MtqBZot7bbckxS9H08CBPwcEfu6aF8LnPi74_N_PV11sr0P5hfIu-uZD84udjLcY-ISvCYbY6Dasg93ARr8i_2ATEvfhHHGFGaJxQYRpnp1lQFIDCkwSFdD0Gi_INb_4xcMO0ZZnnODjyCE5DsqBk1JH6gsSdInG7DxBrqM3ZmnJ82KtU-KjVzLB5uf17rYfdl7DVughI7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1206 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:15:12 GMT
khaos.jpg
token.rubiconproject.com/ Frame 157A 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
PugMaster
image6.pubmatic.com/AdServer/ Frame 36CB 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81230589&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3260173852537e6feb3471548292ad9cb79b924ced5442c7056b0a6dbca00377

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1234
Content-Type
text/html; charset=UTF-8
sd
eu-u.openx.net/w/1.0/ Frame C920
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0fb46033-d50b-4a00-88ec-3b2f0117701d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0fb46033-d50b-4a00-88ec-3b2f0117701d
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:12 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 22 Feb 2021 16:00:08 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0fb46033-d50b-4a00-88ec-3b2f0117701d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Feb 2021 16:00:07 GMT
sd
us-u.openx.net/w/1.0/ Frame C920
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AYlEDlOMR1wa2xIFVt9aD1SNFQkaj0VcAIn_iNgm
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AYlEDlOMR1wa2xIFVt9aD1SNFQkaj0VcAIn_iNgm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AYlEDlOMR1wa2xIFVt9aD1SNFQkaj0VcAIn_iNgm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C920
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3282073050862722575
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3282073050862722575
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3282073050862722575
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:17 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3282073050862722575
date
Mon, 22 Feb 2021 16:00:17 GMT
via
1.1 google
server
OXGW/16.202.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
openx
match.adsrvr.org/track/cmf/ Frame C920 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d02c22a6-1edc-780f-d6e0-53491b7bfbb5&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.237.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C920 		170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM0M2YxNmMtZDdhYi0yNmFiLWMzMDAtMDlmMGQxOTkzNWQ1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C920
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELnWrnXMJniTS-ZgjOTaYYw&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELnWrnXMJniTS-ZgjOTaYYw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELnWrnXMJniTS-ZgjOTaYYw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:10 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		293 KB
294 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
c96a45e541dea432e80cf4168b402322ca35d935d47f69a97c06654a8e43f61f

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=567008-867055

Response headers

Date
Mon, 22 Feb 2021 16:00:10 GMT
Content-Range
bytes 567008-867055/2225732
Connection
keep-alive
Content-Length
300048
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549079
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
match
c1.adform.net/serving/cookie/ Frame 8E5C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81230589&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
date
Mon, 22 Feb 2021 16:00:17 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7236615176635354596; expires=Fri, 23 Apr 2021 16:00:17 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 22 Feb 2021 16:00:17 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6E401453-64A9-4385-B8A7-DD2DDC32D731
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Mon, 22 Mar 2021 16:00:17 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame A405
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:147B183288AB413E88232D407DC04390
1 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:147B183288AB413E88232D407DC04390
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81230589&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 23-May-2021 16:00:17 GMT; path=/
X-lat
Pug22062:0:784
Content-Length
1
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
text/html; charset=utf-8

Redirect headers

server
nginx
date
Mon, 22 Feb 2021 16:00:17 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:147B183288AB413E88232D407DC04390
set-cookie
suid=147B183288AB413E88232D407DC04390; Path=/; domain=simpli.fi; Expires=Wed, 23-Feb-22 16:00:17 GMT; SameSite=none; Secure; suid_legacy=147B183288AB413E88232D407DC04390; Path=/; domain=simpli.fi; Expires=Wed, 23-Feb-22 16:00:17 GMT; Secure;
expires
Sun, 21 Feb 2021 16:00:17 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
spl.zeotap.com/ Frame 36CB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6E401453-64A9-4385-B8A7-DD2DDC32D731
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bb4d16bd87545c44737f19723c44e0c8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=accce2d2-2fa9-4799-95f4-47e720b56711&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=532ed4457ee3a24d
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=532ed4457ee3a24d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
6259eb5b1ea0c272-FRA
date
Mon, 22 Feb 2021 16:00:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
086c116ced0000c27279045000000001

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=532ed4457ee3a24d
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 36CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fad56033-d50b-4a00-af98-f2db1bb62233
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fad56033-d50b-4a00-af98-f2db1bb62233
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 22 Feb 2021 16:00:11 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 22 Feb 2021 16:00:08 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fad56033-d50b-4a00-af98-f2db1bb62233
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Feb 2021 16:00:07 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 36CB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0f22b870-7527-11eb-856d-ff5f678799de&gdpr=0&gdpr_consent=
1 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0f22b870-7527-11eb-856d-ff5f678799de&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:18 GMT
X-lat
Pug22026:0:545
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0f22b870-7527-11eb-856d-ff5f678799de&gdpr=0&gdpr_consent=
Date
Mon, 22 Feb 2021 16:00:17 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
0f22b871-7527-11eb-856d-ff5f678799de
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4YcahW,pingTime:-10,time:882,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1614009610973||ff5b6069e84a7163ae9ea7e4dafad66d||71ff54ebddb1e090fbf173d96e2342c8||5417ee7af18955c5dbb8c75349b86e34||b77b9e5e4cfb02f5850b3b5f24347230||f00a4328911acdff2272ebf8d843765d||fb03bfd428d046ff808d4873bb78344f||d3b25b4791a2344020c2914ec7e92dd3||1576000828}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
cookiesyncendpoint
sync.aniview.com/ Frame 157A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
  • https://sync.aniview.com/cookiesyncendpoint?pid=56ea678d181f46c76f8b45fb&biddername=5&key=KLGRNE4W-K-MAOJ
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?pid=56ea678d181f46c76f8b45fb&biddername=5&key=KLGRNE4W-K-MAOJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.aniview.com/cookiesyncendpoint?pid=56ea678d181f46c76f8b45fb&biddername=5&key=KLGRNE4W-K-MAOJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B888 		42 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLOzvQsz0qzY5scuiYtpS3TxHQ5Dtzt_CHPSFQUPlFNBOV8fYbW2ePEMZs4BN1xTGGOy_vHR7hWHtyFpGFM-JAcWUL5VK-z4hBs9Eis7w&sig=Cg0ArKJSzJFBdYhS8UdUEAE&id=osdim&mcvt=1110&p=400,872,490,1600&mtos=1110,1110,1110,1110,1110&tos=1110,0,0,0,0&v=20210219&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=305664200&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614009609606&dlt=0&rpt=333&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C227 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_uk.pcmag.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&cust_params=publisher_name%3Dpcmag.com&env=vp&correlator=3974466843877094&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.443.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&adsid=NT&gdpr=0&gdpr_consent=tcunavailable&sdki=44d&adk=4192250517&sdk_apis=2%2C8&sid=7E9A2CAA-143D-46C8-8844-D91F983A3B85&eid=44731465&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&dt=1614009611063&cookie_enabled=1&scor=2612669759707076&ged=ve4_td1_tt0_pd1_la1000_er1768.310.1930.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7a95e5dc491feccd5b4207687db11502e5bbb00e121da05d743e1097ed5c06cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9F0E 		1 KB
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_uk.pcmag.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&cust_params=publisher_name%3Dpcmag.com&env=vp&correlator=3013734352660998&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.443.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&adsid=NT&gdpr=0&gdpr_consent=tcunavailable&sdki=44d&adk=48938323&sdk_apis=2%2C8&sid=892A8716-7808-4444-95D2-1E3538884EC0&eid=420706138&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&dt=1614009611070&cookie_enabled=1&scor=523081235466955&ged=ve4_td1_tt0_pd1_la1000_er1768.310.1930.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5df97f39de934e5a046a5c70d377bc128bfeb8ce6d1102ac2a46e70edf9864d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
640
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 343A 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2533255022244877&sdkv=h.3.443.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&adsid=NT&gdpr=0&gdpr_consent=tcunavailable&sdki=44d&adk=304627266&sdk_apis=2%2C8&sid=6A608F9D-6E97-489E-958C-C2E0B35B84A8&eid=44729227%2C44731467&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&dt=1614009611072&cookie_enabled=1&scor=2871032734443539&ged=ve4_td1_tt0_pd1_la1000_er1768.310.1930.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		207 KB
208 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
f6fcafb5921bce027b40054fed309c900565376c2a1caf4cbbdd06d033f43fea

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=867056-1079119

Response headers

Date
Mon, 22 Feb 2021 16:00:11 GMT
Content-Range
bytes 867056-1079119/2225732
Connection
keep-alive
Content-Length
212064
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549078
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:11 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
ack
cookiex.ngd.yahoo.com/ Frame 157A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLGRNE4W-K-MAOJ&sigv=1&esig=2~8a8f0ea3418aec46bbef5490f77af2f060572282
  • https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLGRNE4W-K-MAOJ
0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLGRNE4W-K-MAOJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff

Redirect headers

date
Mon, 22 Feb 2021 16:00:11 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location
https://cookiex.ngd.yahoo.com/ack?xid=E0&eid=KLGRNE4W-K-MAOJ
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 157A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRiNzA5ODFhNGJiNjM5Y2NjMzQyYjNjNWVmYzBmMDdkNjQzMzFlYw
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRiNzA5ODFhNGJiNjM5Y2NjMzQyYjNjNWVmYzBmMDdkNjQzMzFlYw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRiNzA5ODFhNGJiNjM5Y2NjMzQyYjNjNWVmYzBmMDdkNjQzMzFlYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 157A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/k3RnW7_zqa18Zy5ziAb64A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=931097411575739350
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=931097411575739350
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

date
Mon, 22 Feb 2021 16:00:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=931097411575739350
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 157A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBt98Lvye-IrBAmZXERI4pk&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBt98Lvye-IrBAmZXERI4pk&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBt98Lvye-IrBAmZXERI4pk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 157A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDPVCwAAAI8Eb1LS
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDPVCwAAAI8Eb1LS&_test=YDPVCwAAAI8Eb1LS
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDPVCwAAAI8Eb1LS&_test=YDPVCwAAAI8Eb1LS
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614009612.573753,VS0,VE0
x-served-by
cache-hhn4031-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDPVCwAAAI8Eb1LS&_test=YDPVCwAAAI8Eb1LS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 157A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=874d6033-d50b-4100-8551-068f3f0ab7e0
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=874d6033-d50b-4100-8551-068f3f0ab7e0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Date
Mon, 22 Feb 2021 16:00:08 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=874d6033-d50b-4100-8551-068f3f0ab7e0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 Feb 2021 16:00:07 GMT
709414.gif
id.rlcdn.com/ Frame 157A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.207.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:12 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 157A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xHUk5FNFctSy1NQU9K
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xHUk5FNFctSy1NQU9K
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Feb 2021 16:00:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xHUk5FNFctSy1NQU9K
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		226 KB
226 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
50385d9fab8435e9986071bb0549e48a5d2b579c3e1934f94239a6641dd248a2

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=1079120-1310171

Response headers

Date
Mon, 22 Feb 2021 16:00:11 GMT
Content-Range
bytes 1079120-1310171/2225732
Connection
keep-alive
Content-Length
231052
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549078
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:11 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
ads
pubads.g.doubleclick.net/gampad/ Frame 9F0E 		156 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_uk.pcmag.com_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dpcmag.com&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&adk=48938323&cookie_enabled=1&correlator=3013734352660998&dt=1614009611292&gdpr=0&gdpr_consent=tcunavailable&ged=ve4_td1_tt0_pd1_la1000_er1768.310.2236.1141_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&osd=2&scor=523081235466955&sdk_apis=2%2C8&vis=1&u_so=l&eid=420706138&hl=en&frm=0&sdki=44d&sdkv=h.3.443.0&sdr=1&vid_kw&vid_t&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&kfa=0&tfcd=0&ctv=0&adsid=NT&sid=892A8716-7808-4444-95D2-1E3538884EC0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
evidon-sitenotice-bundle.js
cdn.ziffstatic.com/sitenotice/ 		198 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/zdconsent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.178.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
a0d37004fa6bf5c69e4acd559f3f6df47e277e8e946afbeb08cba376ce47e45d

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
cPqTAGkvEDcWO89lBSunQvlV9PEXQw2B
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 06:01:07 GMT
x-amz-request-id
1E8E920D012DD506
date
Mon, 22 Feb 2021 16:00:11 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
PENDING
accept-ranges
bytes
content-length
21135
x-amz-id-2
UkA7cS+E6nHoaWFtJ/EbOrtb8V/uzl6aEUmvnN/QN05+APk/V8AaYNxy9lSEuzVe60qXNQKAeeI=
expires
Mon, 22 Feb 2021 17:00:11 GMT
settings.js
cdn.ziffstatic.com/sitenotice/660/pcmag/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/sitenotice/660/pcmag/settings.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/zdconsent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.178.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
d53f3dc6e4629f3e65188362e6704efd15b7bd1483081583104b1bb1d4a54ec3

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
i01nv9gkaDVshconLgPdvbRom_bqQex1
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 06:00:42 GMT
x-amz-request-id
9EC27B67160AB87C
date
Mon, 22 Feb 2021 16:00:11 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5014
x-amz-id-2
tk6nB96nUxARFdc/+oaxPeYvE53gVAYVhE9BnpkUg0I+XT98w22Zml5/O+lP1zOMGY/U7i9GthU=
expires
Mon, 22 Feb 2021 17:00:11 GMT
en.js
cdn.ziffstatic.com/sitenotice/660/translations/ 		214 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/sitenotice/660/translations/en.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.178.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
fcaa1273e5fbfab14e5acc858caed9a1463119004313641333970e308f7bdabe

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
1iJGZTMrtnSnju8NrBLT_3urkLg56Pz6
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 06:00:06 GMT
x-amz-request-id
D880A872254BFB81
date
Mon, 22 Feb 2021 16:00:11 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
8003
x-amz-id-2
7ZhH0cMrTygIpaxDNmsqP7fQ/+x96FPqxqb8Jo0aOaYMbkE6ZetvDa9Wp1nKGkgjcpZT+ZcGWYk=
expires
Mon, 22 Feb 2021 17:00:11 GMT
icong1.png
c.evidon.com/pub/ 		600 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.79.153.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-153-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1558455261"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
iabevidonmapping.js
iabmap.evidon.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iabmap.evidon.com/iabevidonmapping.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:5e00:10:27b4:f500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21a22ffbb31ae72c9efc1970ad750dc83454831721ca163bc6cda04dae21a7d7

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:51:24 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 19:37:07 GMT
server
AmazonS3
age
528
etag
W/"d99c1881b1f34e9e885e96cdcb02fc6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3b241d28b74f1afdcb7ac9fb7109cff1.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
qkYIBJdO8Zbka7l5aVJd04R1IE_U-kj339yVV_rnNZUuE6axhLug3w==
evidon-cmp.js
cdn.ziffstatic.com/sitenotice/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/sitenotice/evidon-cmp.js
Requested by
Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.178.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
2e8f9273809d3bb211ff2ef271c6248c5b91aba407f5a8cce183f92bfbc2d0cf

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
UH3ZWdojxlGbQkDc9egdJhzaObh2a6.K
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 18:20:22 GMT
x-amz-request-id
A98C327715302358
date
Mon, 22 Feb 2021 16:00:11 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6642
x-amz-id-2
R6xh9/mvnGWwxVUtL2G1Vec3qf5+xZKDW84ORwHSJHTZaUfwpjxOq25DdCslH88jyonM0La/q8k=
expires
Mon, 22 Feb 2021 17:00:11 GMT
1
l.evidon.com/site/v3/660/118/1/1/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/660/118/1/1/1/1?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.36.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycap2,pingTime:1,time:1322,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1322,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1179~100],as:[1179~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycap3,pingTime:1,time:1323,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1323,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1179~100],as:[1179~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycap3,pingTime:1,time:1323,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1324,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1180~100],as:[1180~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycap4,pingTime:1,time:1324,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1324,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1180~100],as:[1180~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=c1e29b97-4561-9eb7-14f0-c14dfb489b36&tv={c:4Ycap7,pingTime:-10,time:1323,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1614009610973||ff5b6069e84a7163ae9ea7e4dafad66d||71ff54ebddb1e090fbf173d96e2342c8||5417ee7af18955c5dbb8c75349b86e34||b77b9e5e4cfb02f5850b3b5f24347230||f00a4328911acdff2272ebf8d843765d||fb03bfd428d046ff808d4873bb78344f||d3b25b4791a2344020c2914ec7e92dd3||1576000828,sca:{spg:4dc8a202-afab-2be4-497e-47346f25a449}}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:11 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
18610
l.evidon.com/site/v3/660/118/1/2/1/1/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/660/118/1/2/1/1/18610?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.36.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
18610
l.evidon.com/site/v3/660/118/1/1/1/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/660/118/1/1/1/1/18610?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.36.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
vendorlist.json
vendorlist.consensu.org/v-215/ 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame C227 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_uk.pcmag.com_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dpcmag.com&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&adk=4192250517&cookie_enabled=1&correlator=3974466843877094&dt=1614009611643&gdpr=0&gdpr_consent=tcunavailable&ged=ve4_td2_tt1_pd2_la2000_er1768.310.2236.1141_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&osd=2&scor=2612669759707076&sdk_apis=2%2C8&vis=1&u_so=l&eid=44731465&hl=en&frm=0&sdki=44d&sdkv=h.3.443.0&sdr=1&vid_kw&vid_t&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&kfa=0&tfcd=0&ctv=0&adsid=NT&sid=7E9A2CAA-143D-46C8-8844-D91F983A3B85
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156068&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 16:00:11 GMT
Cache-Control
private,max-age=86400
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 36CB 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 22 Feb 2021 16:00:11 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:13 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		257 KB
257 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9cee9aaa8a57ca8aa96d72869bf3a58e31ab54aeccf25a51d2c20754893e8cf7

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=1310172-1573183

Response headers

Date
Mon, 22 Feb 2021 16:00:13 GMT
Content-Range
bytes 1310172-1573183/2225732
Connection
keep-alive
Content-Length
263012
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549076
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 Feb 2021 16:00:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycbry,pingTime:5,time:5322,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5322,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5178~100],as:[5178~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:161,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:15 GMT
X-Server-Name
dt10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=7529&asId=4dc8a202-afab-2be4-497e-47346f25a449&tv={c:4Ycbrz,pingTime:5,time:5323,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:209}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5323,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:209,wc:0.0.1600.1200,ac:436.200.728.90,am:i,cc:436.200.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5179~100],as:[5179~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:161,fm:spLlQ62+11|12|13|141|1421|143|144|15|16|17|18|19|1a|1b*.7529|1b1|1c|1d.7529|1d1|1e|1f|1g,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:15 GMT
X-Server-Name
dt34ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
s2s
s2s.aniview.com/api/adserver/ 		1 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=95117a8d898f2258260cfc4de9af055f_172315653&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1614009609342-925891584731-020540-007-008288&cou=CH&AV_PAGE_LOAD_UID=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&AV_CDIM4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6019260a91fd901a1a3118e8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=uk.pcmag.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=608965&AV_WIDTH=831&AV_HEIGHT=468&AV_CCPA=1---&cb=4009616878&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.2.212 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://uk.pcmag.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 11 Feb 2021 02:13:37 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468&nid=56ea678d181f46c76f8b45fb&ncid=6019260a91fd901a1a3118e8&e=request&cb=1614009616879&asid=5ee3d57071193a26344a4076%2C5ff1826de52e2f2dd148e0f4&ofpr=%2C3&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://uk.pcmag.com
Pragma
no-cache
Date
Mon, 22 Feb 2021 16:00:16 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468&nid=56ea678d181f46c76f8b45fb&ncid=6019260a91fd901a1a3118e8&e=bid&cb=1614009617165&asid=5ee3d57071193a26344a4076&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7364 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114825
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:17 GMT
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/85f28425-6f28-464b-80f0-545fb7018a84
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.15.110 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://uk.pcmag.com
date
Mon, 22 Feb 2021 16:00:17 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
bridge3.443.0_en.html
imasdk.googleapis.com/js/core/ Frame 768A 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.443.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192659
date
Thu, 18 Feb 2021 19:41:26 GMT
expires
Fri, 18 Feb 2022 19:41:26 GMT
last-modified
Wed, 17 Feb 2021 22:18:32 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
332331
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7364 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:00:17 GMT
integrator.js
adservice.google.com/adsid/ Frame 7364 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uk.pcmag.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Feb 2021 16:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9837 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 15:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2705
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 22 Feb 2021 16:15:12 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 768A 		156 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4333023129668038&sdkv=h.3.443.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&adsid=NT&gdpr=0&gdpr_consent=tcunavailable&sdki=44d&adk=48938323&sdk_apis=2%2C8&sid=5E558A82-53F3-4FA2-934E-DD3348A9533C&eid=668123729%2C75259402&url=https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs&dlt=1614009617167&idt=236&dt=1614009617417&cookie_enabled=1&scor=155313747132527&ged=ve4_td0_tt0_pd0_la0_er1768.310.1930.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.443.0_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:17 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		192 KB
192 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
4c04142ec7dc5e4f67e1a3768bc3708165a601fde2cd5700768005777f146f90

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=1573184-1769643

Response headers

Date
Mon, 22 Feb 2021 16:00:17 GMT
Content-Range
bytes 1573184-1769643/2225732
Connection
keep-alive
Content-Length
196460
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549072
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1614009618580&cid=6019260a91fd901a1a3118e8&cou=CH&AV_PAGE_LOAD_UID=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&AV_CDIM4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.166.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 16:00:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ 		255 KB
256 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
7ecaf114224341c9e45b918471c5894a30fa6224884f7fb03ec2d1b543568eed

Request headers

Referer
https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=1769644-2030775

Response headers

Date
Mon, 22 Feb 2021 16:00:21 GMT
Content-Range
bytes 1769644-2030775/2225732
Connection
keep-alive
Content-Length
261132
X-Served-By
cache-wdc5534-WDC
Last-Modified
Mon, 22 Feb 2021 13:35:54 GMT
Server
cloudinary
X-Timer
S1614001075.317842,VS0,VE0
ETag
"ea2d82003dd91279bfc91d75e424ee6b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31549068
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614000936/landscapea87e9519-2161-4e14-8cb6-f6ff76872643_1614000684082.ts
Protocol
HTTP/1.1
Server
104.126.36.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://uk.pcmag.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 22 Feb 2021 16:00:21 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
krk.kargo.com
URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2213e9c34a-4188-42fc-ad9b-447359bec3da%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1614009608823%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2222c7b0a66f9ef3d%22%3A%22_u33Y3O9QyU%22%7D%2C%22bidSizes%22%3A%7B%2222c7b0a66f9ef3d%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_u33Y3O9QyU%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22zad-halfpage-1%22%2C%22transactionId%22%3A%229964dde8-cc4b-4700-83e4-7e459134072f%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B300%2C250%5D%5D%2C%22bidId%22%3A%2222c7b0a66f9ef3d%22%2C%22bidderRequestId%22%3A%222131f9fbf008e9f%22%2C%22auctionId%22%3A%2216846d3e-e278-40a9-8edb-818941fe06a7%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fuk.pcmag.com%2Fmacos%2F131862%2Fsilver-sparrow-malware-discovered-on-30k-infected-macs%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Domain
vendorlist.consensu.org
URL
https://vendorlist.consensu.org/v-215/vendorlist.json
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=uk.pcmag.com&rs=uk.pcmag.com&sid=11470&t=1614009609&cip=185.156.175.107&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=831&he=468&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1614009609342-925891584731-020540-007-008288&cha=0.7&cb=18722107592&cd4=e3a7852b-baed-42a3-bdb4-18a2213dd2f8&cd5=default&d9=0000&AV_WIDTH=831&AV_HEIGHT=468

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _icmsFbq string| geoCC boolean| gdprApplies number| GDPR object| googletag object| adsbygoogle object| ICMS function| loadCSS function| ga object| _comscore object| ChessKit object| zad object| zadConfig object| zadSlotConfig string| disqus_shortname string| disqus_identifier string| disqus_url string| disqus_title function| disqus_config object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __ZAd object| pbjs function| udm_ object| ns_p object| COMSCORE function| __ZDConsent object| evidon function| __tcfapi function| __uspapi function| __cmp object| aax object| zdconsent object| dataLayer object| ggeac object| google_js_reporting_queue object| nls number| BlueKaiID object| OneSignal function| LoadScript function| __menuhandle function| reset_menu function| __PCMNavBar function| OpenImageWindow function| fbq function| _fbq function| _ZDAdKit object| w string| property object| d object| params undefined| hybridbar undefined| billboardContainer undefined| mainheader object| ZDAdKit object| __socialShare string| language object| fallbacklUrl function| pinterestCallback function| facebookCallback function| linkedinCallback object| zd function| pbjsChunk object| _pbjsGlobals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| pbStream string| pbPageIdentifier object| __EXCO object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Hls function| av_sciv_hndlr1614009608961 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| storageAni string| __ZD_CPID_ object| __ZD_USEG_ object| __ZD_SEG_ object| zdcoreSignalBuffer object| GoogleGcLKhOms function| Krux object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| google_global_correlator object| google_image_requests object| closure_lm_11696 object| closure_lm_664587 object| closure_lm_760577 object| closure_lm_183911

10 Cookies

Domain/Path Name / Value
.pcmag.com/ Name: zdbb_fb_id
Value: 1
uk.pcmag.com/ Name: h_zdbb
Value:
.pcmag.com/ Name: __gads
Value: ID=29b2d2ab60d1a435-22494bb98dba00db:T=1614009608:S=ALNI_MZarcQL0oyAFOxrCo4KvszmYscN9Q
uk.pcmag.com/ Name: fu
Value: 1
.pcmag.com/ Name: _fbp
Value: fb.1.1614009608854.530409384
.pcmag.com/ Name: _gid
Value: GA1.2.1901585472.1614009608
.pcmag.com/ Name: _ga
Value: GA1.2.1708592404.1614009608
.pcmag.com/ Name: _gat
Value: 1
.pcmag.com/ Name: geoCC
Value: CH
uk.pcmag.com/macos/131862 Name: exco-uid
Value: cpt0faecdvmv9q6k

7 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs(Line 48)
Message:
NPA=0
console-api log URL: https://uk.pcmag.com/s/pcmag/social-share.js?392(Line 6)
Message:
(#2) Service temporarily unavailable
console-api log URL: https://bbstatic.pcmag.com/js/zd-core-olt.min.js?v=5(Line 1)
Message:
ZD Core :: Outbound Link Tracking Initialized
console-api info URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://uk.pcmag.com/macos/131862/silver-sparrow-malware-discovered-on-30k-infected-macs
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32)
Message:
a: 0.0009765625 ms
console-api log URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js(Line 1)
Message:
Evidon -- evidon-notice-link not found on page, cant display the consent link.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.pcmag.com *.ampproject.org *.zdbb.net *.disqus.com widgets.ign.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

970a91b2ede9c966f542ee0c4fcdd9c1.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adserver-eu.adtech.advertising.com
adservice.google.ch
adservice.google.com
api.pinterest.com
assets.pcmag.com
atrack.avplayer.com
aud.pubmatic.com
bbstatic.pcmag.com
bh.contextweb.com
c.evidon.com
c1.adform.net
cdn.ampproject.org
cdn.krxd.net
cdn.onesignal.com
cdn.playbuzz.com
cdn.static.zdbb.net
cdn.ziffstatic.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cookiex.ngd.yahoo.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
green.erne.co
gurgle.pcmag.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
iabmap.evidon.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jogger.zdbb.net
krk.kargo.com
l.evidon.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mcd.ex.co
mwzeom.zeotap.com
nep.advangelists.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
premiumsrv.aniview.com
prg.smartadserver.com
prod.perf-serving.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2s.aniview.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sm.pcmag.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
tag.1rx.io
tags.bkrtx.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
uk.pcmag.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
vendorlist.consensu.org
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.linkedin.com
www9.smartadserver.com
x.bidswitch.net
zdbb.net
krk.kargo.com
track1.aniview.com
vendorlist.consensu.org
104.108.41.56
104.108.50.124
104.108.64.33
104.126.36.187
104.18.13.5
104.244.39.20
142.250.185.162
142.250.186.98
151.101.114.133
151.101.114.49
151.101.13.44
151.101.194.137
151.101.36.84
159.65.196.12
169.50.137.190
178.250.2.151
18.156.0.31
184.30.20.241
184.30.21.15
185.29.133.58
185.33.221.50
185.33.221.91
185.64.189.110
185.64.189.112
185.64.189.249
185.64.190.78
185.64.190.79
185.64.190.81
185.86.137.114
185.86.137.131
185.86.139.58
198.148.27.140
2.17.178.46
2001:4de0:ac19::1:b:2b
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.150
213.19.147.210
216.58.212.130
23.218.208.200
23.218.208.246
23.36.234.181
23.36.236.158
23.37.42.132
23.79.153.186
2600:9000:20d7:5e00:10:27b4:f500:93a1
2600:9000:2127:e600:8:48e:53c0:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::6816:1857
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:400c:c07::9d
2a02:26f0:10c:4bc::2c79
2a02:26f0:64::210:b571
2a02:26f0:6c00::210:ba0a
2a02:fa8:8806:12::1400
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.125.99.7
3.127.166.11
3.211.2.212
3.215.15.110
3.221.22.39
3.227.166.28
3.231.36.251
3.81.223.233
34.120.207.148
34.196.200.156
34.202.70.106
34.98.107.212
35.156.153.71
35.201.96.126
35.227.248.159
35.244.159.8
37.157.6.241
46.51.193.68
51.210.112.63
52.200.246.203
52.215.241.211
52.30.234.204
52.31.242.159
52.58.45.227
52.94.232.32
54.165.228.255
54.236.84.15
54.72.237.129
54.77.118.208
63.251.232.170
63.32.144.77
63.35.200.21
66.155.71.150
69.173.144.138
69.173.144.139
69.173.144.143
77.243.60.138
8.43.72.98
85.114.159.118
87.98.252.5
0093b4064c279af2c4b60b65b455264836e4beed5f94630cd95874f26d09c17b
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f
08fe691fefce659d5c56441de333212f935cce73f9a4b8c7d524d62ce4a3a5b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c67db883ea8997885a9891549e6390f7a7172cc11ec451628050207a6b5903c
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0eb0ae904500721030f2e51629446c468abbd30251539695d56eb2f7454ca28e
0ee00e32155b0b1b4e790b5919961d414fbd302d38e473c5d27484d2b2e9bfaf
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
17f03942e210bdf9fdfdcd76549c9c962b2c103f4eb9ac27f3b227ffa6631848
1849dfa3c9eecd9464dea7f1279908a5503a9286169ffe8bf05f129ea9ffc8d1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192cadf7cd2ac89341d828514022ecd009550d029d615464e9e740409f434ad0
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1f3e83d448a2882dc68e6191ebf4ede43af6338592f43af3b615b0f1b6e0a6cc
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
21a22ffbb31ae72c9efc1970ad750dc83454831721ca163bc6cda04dae21a7d7
224508e5c95577c33b08c250f64d8ab69e2a4719e97cb7aaf760e35c3b85e736
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67
25cdf021018456b62450b2f5d5dd4496d00d62a33d886de75aa5f978b81029cf
27f134473172d14cd47354c8f5d5471b58b392adc74da3ce4616b17655033c97
2d8b542c1c5ed917c99ce002e4e8e222d5302ce6bf42ed3f4443a9ada7017a68
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e137741ea4118803504bfa65a5a915a48776fa7bb6a43cbbbe19a3112c089d8
2e8f9273809d3bb211ff2ef271c6248c5b91aba407f5a8cce183f92bfbc2d0cf
3260173852537e6feb3471548292ad9cb79b924ced5442c7056b0a6dbca00377
351ddf8de16c0e9529a22c9d615d64a614a422e742bd61198a17c580df1db8c9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3d3db159f520c69a3486a65416c5c63d80ca0c211477a6228055be3335e08e35
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed694267721e19f3c598de96efd4305cb99f38e46fa8f09c60e67d234989506
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c04142ec7dc5e4f67e1a3768bc3708165a601fde2cd5700768005777f146f90
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4ec68e819882c78534a832859b38091d9804aea1cf9f5c4c64d4fc77433133c1
4eff198a38b748af2e3b6e0630a3e4674d69642cc378c96b23962d0c80018f1d
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50385d9fab8435e9986071bb0549e48a5d2b579c3e1934f94239a6641dd248a2
5270defcc3e90b56488faf76bd73bf69cd7ee772a3d6f145ea97ac6c66196747
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53f3935b185e0bef573c305468c9386e77590db8182dff6837508803bb7abd83
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5bd5a6698812259b3bddd35af61ed552dbb2748dc988e9053b4463a2bfc8b64d
5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5df97f39de934e5a046a5c70d377bc128bfeb8ce6d1102ac2a46e70edf9864d0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
60df4ed2e8aceb068d0b5c2c63acbcefb76fe346ce1b3b0cbd6e6989962cd662
610abac5f91364f99c4e961fa13445d771b1ff8275d3ce71734f4b079610286f
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
67c34443f3670b6eaab5d7a3f7692b637c1f2367bb957be6cb397247853d9a9e
6941576fd1e5c3ab682f6337679130abcfdca173c4ae3368d12849d5fe817ce3
6a2ad268cfdffbb9570afbe1bc223d1e47db6b5ea734f5d7af02f2f183f90048
6b2c97d29f9cad3f180c2d0f467df328a1c4b8f0e7a697932a6ca500c49089e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cdd9ff0d35d7ccf8e2092985f761c9a06fc2126fd3caceed43adfac938a1a83
6ce8006f3571742a6891ba13084c53ec56bddb61d338b733847b1736da9456ac
6ea4929daf2c6a8f2b4fc57aac26f0e4f568e6658621d7562424de264af78364
6ec7f73704bdc9197c0fd706b64b41757a2677e17b6c5ba4d106cf74913d3c4d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73a087a010b8892350ba8ad31513f69291e6e24c5e6284aab77be74806d8d3a7
75f671774ddcb4c02d3b3240d1ac3227d1585d3dfe48f138be7791f8b929e9ed
793ee28befd8d5e8e63fb3f6abe7448e5c8c585eb745847d01db0230d83ee64d
7a36c6bd5894ade963b5ad277d5ce55a7aa56a7795d45fb7f154fc7d04e8a224
7a95e5dc491feccd5b4207687db11502e5bbb00e121da05d743e1097ed5c06cf
7c4ba33482794b59c27a4997518ab222f126d97d9601a6375d7793fc9c7d3a8e
7ecaf114224341c9e45b918471c5894a30fa6224884f7fb03ec2d1b543568eed
7f9e9939f4daa87d45b3ab1cc67fde1d1044e0dff5816f4819699894b657ed5e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82a9fb9242941c851fd4f753cd80b527001df16d7aa894c02471aaa926b35600
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d31164652aa9b5f6644aaadfc19b8c8092c3a58a52faddf51ba2206a2a75c3
8661da35a849235b663a03e43f72bd3808f917e012686b4585e254bfd5c303a0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
895677130a22a616ba48a80d3531d374dc260769b1decf68da3706b71dd45753
8c54847eaed3dd4fd66967a2bedc95b625ef34f6e23196335f7a505b6c241468
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f89e0647be96ce565ccbc8db04c2dfde8d1746d0982c7fd377fb332d00c52e0
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66
90ad6d012156e856030c2ed11488e2c82d716d7a518b2bfb652dd55ea3ddb70c
9709bc89c6d2e099bf95a95c489a867f8995fcda45c5e102191844c14e3f2036
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
99b2e12efbe13d844c223f6bd7c52cc4f0bdd2f7f7b25f5b6b83857b6067e5ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cee9aaa8a57ca8aa96d72869bf3a58e31ab54aeccf25a51d2c20754893e8cf7
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a0d37004fa6bf5c69e4acd559f3f6df47e277e8e946afbeb08cba376ce47e45d
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee
a3e2f6c4103c3cbcda310ad6141a28b95a0afd99ff65529544cb824de88d646f
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6ddf48274bd04af2292ab4363ce45c514cad97b2092f40ba670c29c1a287d91
b7e85885b3b3d8ff8c3d1c65691518efd766eaf873ec72e2a8eefeb0660daa3e
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
bbf45b159c481fc534138527cac99d314213d0d8a338cd9dd97a7f8208bc512b
c149e7c3c14d02289c0fcee794b24d7bb2b2bf700798f9415122dc218e43fbd3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c5bfe82e55d67ad0c94bc81efe21b32298adbb25186365201c6f7098122f3e65
c6f09b5e0a8818d04d7ce12d9aec5177b4b6119b99deb944f4ccfa0f206a1172
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c8737b1ea22cd82e02253937128d8cb841c94414b9c771e6abadda4c6e361e05
c96a45e541dea432e80cf4168b402322ca35d935d47f69a97c06654a8e43f61f
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd0e579226e8c77cbeae64562a4e7892442a3b1b2a232a3c130e7c46d0cf090
d0f59622e2b26255471d645d7d7f8d43af7ba7afcd7933e873bf6dd091b667e8
d53f3dc6e4629f3e65188362e6704efd15b7bd1483081583104b1bb1d4a54ec3
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc4d221c0a55d4986ad8bc0ecab574e7eb40db719a6030127615968ec27f4cb9
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de6c4dcf1ac4ded78139ea8f01792bcc6b2fbd949cfdab2c5a761bca8a5c498d
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
eb022ac36b1bf57a195a1748c283f23c68ca410ed78a78154b177ac976dcda6c
ed099a5a927a0e20bd69317f049b42cbac8332ea3bef2116ce910be15fff83bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f436785bc97f2355685eb63b307df687c1527dadccab91b321c2244e3633b809
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66
f6de9ced41ed54dbfc4f51abfeb65d843bd8dd33a45cbb773ecf5f92d065dd52
f6fcafb5921bce027b40054fed309c900565376c2a1caf4cbbdd06d033f43fea
f846fdb8d66b149cd8dcb996f062d88f1a7818985fe00a33f596dda6cdc38a79
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fcaa1273e5fbfab14e5acc858caed9a1463119004313641333970e308f7bdabe
fd8fd413a00a64f547f27df5754883091e5624a8b69ad412675680e541e736cd