URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Submission: On September 18 via api from US

Summary

This website contacted 76 IPs in 7 countries across 52 domains to perform 271 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.60.209 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
32 104.24.0.61 13335 (CLOUDFLAR...)
10 2a04:4e42:1b:... 54113 (FASTLY)
7 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 23.210.248.44 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.175.86 63949 (LINODE-AP...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20b... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 54.236.131.34 14618 (AMAZON-AES)
1 2600:9000:205... 16509 (AMAZON-02)
2 13.35.253.27 16509 (AMAZON-02)
1 2 104.244.42.72 13414 (TWITTER)
4 2606:2800:134... 15133 (EDGECAST)
1 143.204.214.69 16509 (AMAZON-02)
3 54.86.195.52 14618 (AMAZON-AES)
3 3.222.65.212 14618 (AMAZON-AES)
5 35.188.71.214 15169 (GOOGLE)
1 143.204.214.60 16509 (AMAZON-02)
6 216.58.206.2 15169 (GOOGLE)
1 32 34.95.120.147 15169 (GOOGLE)
1 5 2.19.43.224 20940 (AKAMAI-ASN1)
4 99.86.1.198 16509 (AMAZON-02)
2 151.101.13.194 54113 (FASTLY)
2 13.35.253.87 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.13.140 54113 (FASTLY)
1 52.2.31.64 14618 (AMAZON-AES)
2 35.226.36.58 15169 (GOOGLE)
1 35.156.206.192 16509 (AMAZON-02)
2 3.225.175.5 14618 (AMAZON-AES)
13 54.77.147.35 16509 (AMAZON-02)
4 104.16.68.69 13335 (CLOUDFLAR...)
4 37.252.173.22 29990 (ASN-APPNEXUS)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2.18.234.21 16625 (AKAMAI-AS)
1 18.196.104.43 16509 (AMAZON-02)
17 3.120.6.212 16509 (AMAZON-02)
2 2a02:fa8:8806... 25751 (VALUECLICK)
7 69.173.144.142 26667 (RUBICONPR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.210 27281 (QUANTCAST)
2 2.18.68.31 16625 (AKAMAI-AS)
1 2.18.234.163 16625 (AKAMAI-AS)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2600:9000:20b... 16509 (AMAZON-02)
1 3.217.22.176 14618 (AMAZON-AES)
3 2a03:2880:f12... 32934 (FACEBOOK)
7 13.32.145.226 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.194.54.228 16509 (AMAZON-02)
1 54.72.189.67 16509 (AMAZON-02)
1 85.91.44.119 27381 (CASALE-MEDIA)
2 185.29.133.223 30419 (MEDIAMATH...)
1 18.194.27.222 16509 (AMAZON-02)
1 136.243.51.222 24940 (HETZNER-AS)
4 2.18.233.201 16625 (AKAMAI-AS)
1 2 172.217.16.130 15169 (GOOGLE)
1 1 185.29.132.92 30419 (MEDIAMATH...)
1 104.111.241.32 16625 (AKAMAI-AS)
1 3 46.4.10.49 24940 (HETZNER-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
2 52.20.101.210 14618 (AMAZON-AES)
4 2.18.232.130 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 104.111.230.142 16625 (AKAMAI-AS)
1 1 143.204.214.17 16509 (AMAZON-02)
1 2 52.59.68.67 16509 (AMAZON-02)
271 76
Apex Domain | Subdomains | Transfer
32 openx.net | connatix-d.openx.net, freestar-d.openx.net, eu-u.openx.net | 7 KB
32 bleepstatic.com | www.bleepstatic.com | 576 KB
17 sharethrough.com | btlr.sharethrough.com | 3 KB
17 connatix.com | cdn.connatix.com, cdns.connatix.com, ck.connatix.com, core.connatix.com, rtb.connatix.com, i.connatix.com, trk.connatix.com | 775 KB
13 gumgum.com | g2.gumgum.com | 7 KB
11 unrulymedia.com | video.unrulymedia.com, stats3.unrulymedia.com, targeting.unrulymedia.com | 76 KB
11 doubleclick.net | googleads.g.doubleclick.net, cm.g.doubleclick.net Failed, securepubads.g.doubleclick.net | 86 KB
9 pub.network | a.pub.network, d.pub.network, c.pub.network | 233 KB
9 twitter.com | platform.twitter.com, syndication.twitter.com | 107 KB
8 rubiconproject.com | fastlane.rubiconproject.com, eus.rubiconproject.com | 11 KB
8 adnxs.com | ib.adnxs.com, acdn.adnxs.com | 5 KB
7 mathtag.com | tags.mathtag.com, pixel.mathtag.com, sync.mathtag.com | 5 KB
7 consensu.org | quantcast.mgr.consensu.org, static.quantcast.mgr.consensu.org, vendorlist.consensu.org, audit.quantcast.mgr.consensu.org, api.quantcast.mgr.consensu.org | 118 KB
6 gstatic.com | fonts.gstatic.com | 59 KB
5 facebook.com | graph.facebook.com, www.facebook.com | 1 KB
5 scorecardresearch.com | sb.scorecardresearch.com | 4 KB
5 googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com | 196 KB
4 redintelligence.net | hal9000.redintelligence.net, hal90001.redintelligence.net | 5 KB
4 pubmatic.com | hbopenbid.pubmatic.com, ads.pubmatic.com | 132 B
4 connectad.io | i.connectad.io, cdn.connectad.io | 973 B
4 districtm.io | dmx.districtm.io, cdn.districtm.io | 321 B
4 bfmio.com | display.bfmio.com, sync.bfmio.com | 1 KB
4 3lift.com | tlx.3lift.com, ib.3lift.com, eb2.3lift.com | 1 KB
4 amazon-adsystem.com | c.amazon-adsystem.com | 25 KB
4 twimg.com | cdn.syndication.twimg.com, pbs.twimg.com | 9 KB
4 googletagservices.com | www.googletagservices.com | 100 KB
3 facebook.net | connect.facebook.net | 120 KB
3 casalemedia.com | as-sec.casalemedia.com, a3187.casalemedia.com | 3 KB
3 addthis.com | s9.addthis.com, s7.addthis.com | 189 KB
3 google.com | www.google.com, cse.google.com, adservice.google.com | 2 KB
2 media.net | hbx.media.net | 7 KB
2 dotomi.com | web.hb.ad.cpe.dotomi.com | 1 KB
2 reddit.com | www.reddit.com | 951 B
2 ad-delivery.net | ad-delivery.net | 1 KB
2 fastly.net | confiant-integrations.global.ssl.fastly.net | 46 KB
2 google-analytics.com | www.google-analytics.com | 18 KB
2 googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 31 KB
1 brealtime.com | biddr.brealtime.com |
1 bluekai.com | stags.bluekai.com | 753 B
1 clarium.io | protected-by.clarium.io | 345 B
1 postrelease.com | jadserve.postrelease.com | 526 B
1 quantcount.com | rules.quantcount.com | 1 KB
1 ntv.io | s.ntv.io | 83 KB
1 quantserve.com | secure.quantserve.com | 6 KB
1 emxdgt.com | hb.emxdgt.com | 316 B
1 cdnjquery.com | cluster-na.cdnjquery.com | 356 B
1 videoplayerhub.com | freestar-io.videoplayerhub.com | 17 KB
1 addthisedge.com | v1.addthisedge.com | 924 B
1 google.de | adservice.google.de | 171 B
1 analysis.fi | ecdn.analysis.fi | 1 KB
1 googletagmanager.com | www.googletagmanager.com | 27 KB
1 bleepingcomputer.com | www.bleepingcomputer.com | 15 KB
271 52
Domain | Requested by
32 www.bleepstatic.com | www.bleepingcomputer.com, cdn.connatix.com, platform.twitter.com, www.bleepstatic.com, pagead2.googlesyndication.com
27 connatix-d.openx.net | cdns.connatix.com
17 btlr.sharethrough.com | a.pub.network
13 g2.gumgum.com | a.pub.network
7 video.unrulymedia.com | securepubads.g.doubleclick.net, video.unrulymedia.com, ajax.googleapis.com, confiant-integrations.global.ssl.fastly.net
7 fastlane.rubiconproject.com | a.pub.network
7 i.connatix.com | www.bleepingcomputer.com
7 platform.twitter.com | www.bleepingcomputer.com, platform.twitter.com
6 securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, www.bleepingcomputer.com
6 fonts.gstatic.com | www.bleepingcomputer.com, platform.twitter.com
5 sb.scorecardresearch.com 1 redirects | www.bleepingcomputer.com, a.pub.network
5 d.pub.network | a.pub.network
4 acdn.adnxs.com | a.pub.network
4 pixel.mathtag.com | www.bleepingcomputer.com, pixel.mathtag.com
4 ib.adnxs.com | a.pub.network
4 c.amazon-adsystem.com | a.pub.network, c.amazon-adsystem.com
4 www.googletagservices.com | pagead2.googlesyndication.com, a.pub.network, securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com | www.bleepingcomputer.com, pagead2.googlesyndication.com
3 eu-u.openx.net 1 redirects | a.pub.network
3 hal90001.redintelligence.net 1 redirects | www.bleepingcomputer.com
3 stats3.unrulymedia.com | www.bleepingcomputer.com
3 www.facebook.com | connect.facebook.net
3 connect.facebook.net | a.pub.network, connect.facebook.net
3 pbs.twimg.com | www.bleepingcomputer.com
3 trk.connatix.com | www.bleepingcomputer.com
3 rtb.connatix.com | cdns.connatix.com
3 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 eb2.3lift.com 1 redirects | a.pub.network
2 sync.bfmio.com | a.pub.network
2 cdn.connectad.io | a.pub.network
2 ads.pubmatic.com | a.pub.network
2 cdn.districtm.io | a.pub.network
2 tags.mathtag.com | www.bleepingcomputer.com
2 hbx.media.net | a.pub.network, hbx.media.net
2 hbopenbid.pubmatic.com | a.pub.network
2 web.hb.ad.cpe.dotomi.com | a.pub.network
2 freestar-d.openx.net | a.pub.network
2 as-sec.casalemedia.com | a.pub.network
2 i.connectad.io | a.pub.network
2 dmx.districtm.io | a.pub.network
2 display.bfmio.com | a.pub.network
2 c.pub.network | a.pub.network
2 www.reddit.com | s9.addthis.com
2 graph.facebook.com | s9.addthis.com
2 ad-delivery.net | freestar-io.videoplayerhub.com, www.bleepingcomputer.com
2 confiant-integrations.global.ssl.fastly.net | a.pub.network, confiant-integrations.global.ssl.fastly.net
2 cm.g.doubleclick.net | www.bleepingcomputer.com
2 s7.addthis.com | s9.addthis.com, confiant-integrations.global.ssl.fastly.net
2 syndication.twitter.com 1 redirects | www.bleepingcomputer.com
2 audit.quantcast.mgr.consensu.org | static.quantcast.mgr.consensu.org
2 static.quantcast.mgr.consensu.org | quantcast.mgr.consensu.org
2 www.google-analytics.com | www.googletagmanager.com, www.bleepingcomputer.com
2 a.pub.network | www.bleepingcomputer.com, a.pub.network
1 ib.3lift.com 1 redirects |
1 eus.rubiconproject.com | a.pub.network
1 biddr.brealtime.com | a.pub.network
1 stags.bluekai.com | www.bleepingcomputer.com
1 sync.mathtag.com 1 redirects |
1 hal9000.redintelligence.net | www.bleepingcomputer.com
1 protected-by.clarium.io | www.bleepingcomputer.com
1 a3187.casalemedia.com | www.bleepingcomputer.com
1 targeting.unrulymedia.com | video.unrulymedia.com
1 ajax.googleapis.com | video.unrulymedia.com
1 jadserve.postrelease.com | confiant-integrations.global.ssl.fastly.net
1 rules.quantcount.com | secure.quantserve.com
1 s.ntv.io | a.pub.network
1 secure.quantserve.com | a.pub.network
1 tpc.googlesyndication.com | confiant-integrations.global.ssl.fastly.net
1 hb.emxdgt.com | a.pub.network
1 tlx.3lift.com | a.pub.network
1 cluster-na.cdnjquery.com | freestar-io.videoplayerhub.com
1 freestar-io.videoplayerhub.com | a.pub.network
1 api.quantcast.mgr.consensu.org | quantcast.mgr.consensu.org
1 cdn.syndication.twimg.com | platform.twitter.com
1 vendorlist.consensu.org | quantcast.mgr.consensu.org
1 v1.addthisedge.com | s9.addthis.com
1 core.connatix.com | cdns.connatix.com
1 ck.connatix.com | cdns.connatix.com
1 adservice.google.com | pagead2.googlesyndication.com
1 adservice.google.de | pagead2.googlesyndication.com
1 quantcast.mgr.consensu.org | www.bleepstatic.com
1 cdns.connatix.com | cdn.connatix.com
1 ecdn.analysis.fi | www.bleepingcomputer.com
1 s9.addthis.com | www.bleepingcomputer.com
1 cse.google.com | www.bleepingcomputer.com
1 www.google.com 1 redirects |
1 www.googletagmanager.com | www.bleepingcomputer.com
1 cdn.connatix.com | www.bleepingcomputer.com
1 fonts.googleapis.com | www.bleepingcomputer.com
1 www.bleepingcomputer.com |
271 90
Subject | Issuer | Validity | Valid
bleepingcomputer.com | COMODO RSA Domain Validation Secure Server CA | 2018-05-12 - 2020-05-17 | 2 years
*.googleapis.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
ssl391376.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-01 - 2020-03-09 | 6 months
*.connatix.com | Go Daddy Secure Certificate Authority - G2 | 2018-08-20 - 2019-10-19 | a year
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2019-06-06 - 2020-09-04 | a year
ssl376957.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-07-09 - 2020-01-15 | 6 months
*.analysis.fi | Sectigo RSA Domain Validation Secure Server CA | 2019-06-13 - 2020-06-12 | a year
quantcast.mgr.consensu.org | Amazon | 2019-05-06 - 2020-06-06 | a year
vendorlist.consensu.org | Amazon | 2019-03-06 - 2020-04-06 | a year
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-04-09 - 2020-04-01 | a year
*.pub.network | Go Daddy Secure Certificate Authority - G2 | 2019-02-09 - 2020-05-16 | a year
*.videoplayerhub.com | Amazon | 2019-07-18 - 2020-08-18 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2018-01-04 - 2020-07-09 | 3 years
*.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year
c.amazon-adsystem.com | Amazon | 2018-12-18 - 2019-11-21 | a year
*.freetls.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-01-02 - 2020-01-03 | a year
ad-delivery.net | Amazon | 2019-03-07 - 2020-04-07 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months
*.reddit.com | DigiCert SHA2 Secure Server CA | 2018-08-17 - 2020-09-02 | 2 years
*.assetbucket.net | Amazon | 2019-09-11 - 2020-10-11 | a year
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year
*.bfmio.com | Amazon | 2019-06-19 - 2020-07-19 | a year
*.gumgum.com | Amazon | 2019-07-31 - 2020-08-31 | a year
districtm.io | CloudFlare Inc ECC CA-2 | 2019-03-26 - 2020-03-26 | a year
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
connectad.io | CloudFlare Inc ECC CA-2 | 2019-07-18 - 2020-07-17 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-07-17 - 2020-03-09 | 8 months
*.emxdgt.com | Go Daddy Secure Certificate Authority - G2 | 2019-07-17 - 2020-07-17 | a year
*.sharethrough.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-18 - 2019-11-17 | a year
ad.cpe.dotomi.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-05-25 - 2020-05-25 | 2 years
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years
tpc.googlesyndication.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2018-10-16 - 2019-10-21 | a year
*.media.net | DigiCert SHA2 Secure Server CA | 2018-12-30 - 2020-03-30 | a year
*.ntv.io | DigiCert SHA2 Secure Server CA | 2018-06-12 - 2019-12-11 | a year
*.postrelease.com | Amazon | 2019-03-27 - 2020-04-27 | a year
*.unrulymedia.com | DigiCert SHA2 Secure Server CA | 2017-08-30 - 2020-11-27 | 3 years
*.casalemedia.com | Go Daddy Secure Certificate Authority - G2 | 2016-12-13 - 2019-12-13 | 3 years
*.mathtag.com | DigiCert SHA2 Secure Server CA | 2018-01-26 - 2020-04-16 | 2 years
protected-by.clarium.io | Gandi Standard SSL CA 2 | 2018-04-26 - 2020-04-26 | 2 years
*.redintelligence.net | Go Daddy Secure Certificate Authority - G2 | 2019-03-22 - 2020-03-22 | a year
pixel.mathtag.com | DigiCert SHA2 Secure Server CA | 2019-01-25 - 2020-04-25 | a year
cdn.adnxs.com | GeoTrust RSA CA 2018 | 2019-04-23 - 2020-02-19 | 10 months
*.brealtime.com | Go Daddy Secure Certificate Authority - G2 | 2017-03-22 - 2020-03-22 | 3 years

This page contains 35 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Frame ID: 8C0965237B19C1810CC165D532432DA1
Requests: 192 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Frame ID: CF3B09CDC0BA0A18BE894125616929E8
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Frame ID: 8E17DB2BC82C798DAD39663BBCFFFBC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html
Frame ID: 20F6A49F70D78F00A67C4E9F0F7E4D0E
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Frame ID: 8A4628086C2CB98DAB7F265C26D20977
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fwww.bleepingcomputer.com
Frame ID: C51CF35310D97443E03F2494B403B256
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1566571145&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1568802186806&bpp=23&bdt=211&fdt=176&idt=176&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1773332346897&frm=20&pv=2&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2629632&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5395&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.jdu62hil2as2&fsb=1&xpc=W3kT23GCa0&p=https%3A//www.bleepingcomputer.com&dtd=191
Frame ID: D19E7E8214356DF8D1F1F84EBA381DEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1566571145&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568802186914&bpp=13&bdt=319&fdt=111&idt=111&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=1773332346897&frm=20&pv=1&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2251799855636480&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=1.22oyqhtdgvq1&fsb=1&dtd=115
Frame ID: DAB829D30FF4FB54952CDAF77D8C474E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 3DC5C584803CD9600F013456122665C3
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: D2DFAD65BE17F53E4F8B30E2AC165A71
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi4tx_ybpZGG4QL70QBtHO66xLl9fdFREfRa-KQiAH-ug-bjBhVpGEgWZKb1fAgysiBOYjhXWwV05uTmIjcavCpwlLwNk63mG7ej-0Ip2i2RaMLc8U33YFFYjZnh0aIjnD28-SyV6qezeMKc2k67Dz0NOgeBg1e56q1_fE7wSaDHltIkL_2gU1Ft-KM1L42w1c--I9wVbEWfOQ-5HJT5luTmgBL7LBUlkdQ1CelwAUiG6TPAvwrAqTeCtRWeWozhDn2d3_XeM5ntmvGknhRrr_lJKdww&sig=Cg0ArKJSzHkGF9qdOEfDEAE&urlfix=1&adurl=
Frame ID: AE8B6B8DB8F38CF55EF700411B911C5E
Requests: 5 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1506-0-g3694911.js
Frame ID: 8EEB1F9A9FCB43B8BACC1A66E1F18DB5
Requests: 9 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1506-0-g3694911&siteId=1101818
Frame ID: D7F86699C8D05A1AA4A84CABADD7A9DE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 035181ED295ADF803CBBAAD7855324DC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst69muZr5fw8ONeRScEaeVXomD52c-9O0xQlk4BJmjIMSqq4uBA9tps5EJUr9Hsso2tgrYt87b34yQSpmVCqjbkuLptuoAPEWDiKl77vV7olLvam9f2WTADhmBEPdk8Xdy8iDJKXs4vPAJTVs5Zh6nFOSuXwKMu99s6rDScnE_V22RCXa-qZ1l9YRm2iZv3UYG-CQ6s2KzrcYG67Fe4E4gYAgSMLaWjpD2BApjB6xK4NI1R3CCxLkOuudWeOk1y1zr0PY6PUSOELgDUG9D8BdZsLDX2TgmLNOzwg-AMxHEW93GdZLrrWfEh5JnH&sig=Cg0ArKJSzHVEDyeGf5jJEAE&urlfix=1&adurl=
Frame ID: FD6C75ED559B46B2D5F9FC29E9DFA3FF
Requests: 14 HTTP requests in this frame

Frame: https://a3187.casalemedia.com/ifnotify?gdprconsent=1&c=1323407&r=C07DD112&t=5D82058D&u=WFlJRmpWVmJMSGNBQUY4ZWVlWUFBQUF0&m=26436fdd74e9783f617ca0dbcce7ca50&wp=2&aid=6F1A934639DFA91D&tid=15063&s=6015A&cp=0.02&n=www.bleepingcomputer.com&pr=xx&epr=14528a0d8f37c648
Frame ID: B9F1F83922B0B05D695672CEC04B7292
Requests: 1 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=14557600084842001041198010990001&a=a029617d
Frame ID: 5E2591D440A4A5A471E963D7C9D24FB6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=10825d82-0333-4f00-8aaf-f187f5b1c6bd&no_iframe=1&mt_lim=5
Frame ID: 570F815ACE32533CF4A4D932D32AF1FE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 80A64230B0A9558F1DBD7F2D8583E07E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 231BB825C9C0A3B7762579E82315CC77
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4F084D1C216FEEA5348F94695962F085
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 1BE7FE1FBA704360D035A4D255260C39
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1568802189394
Frame ID: 69AE0FB0A953F5B06C1C20EF5B0D54FA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D2E1A28C224319CA68C748F5D424C25B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 37DC771AAF24931B7EA27629184AB090
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DC42E3BCC9EF29C1DC7794AAF8215C73
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 927F0CFE9E3EE40BA110A4D1B95925E2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 17EF05AD679FD1E3901912EA6562549A
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1568802189491
Frame ID: D5754930811E30F0EC57A537C780CFF9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4201F5C2A22D82D71314273C4214E935
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 87729A49BE85FFFF51BE71CEA145B209
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2E267ABFA600FA5A0130CC4DCB1C82E2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 11533461F25CDAD6B412DE712A69677F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3522AA46B89FCD1F40DD832847AEDF00
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 73714A4A658E052CC82C5086BBED4FE8
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

271 Requests
100 % HTTPS
31 % IPv6
52 Domains
90 Subdomains
76 IPs
7 Countries
2978 kB Transfer
7161 kB Size
17 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 84
  • https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=7889d696ae13e2ec4d131568802187271&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=7889d696ae13e2ec4d131568802187271&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 107
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1568802187550&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c8=&c9=&cs_ucfr=0 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1568802187550&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c8=&c9=&cs_ucfr=0
Request Chain 116
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MDBjOThhZDMtNmExMS02YWFhLTAwMDAtMDAwMDAwMDAwMDAw&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESECD5LFieXNMgL0BUQIGRRJE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EIJdggMzTwCKr_GH9bHGvQ
Request Chain 257
  • https://hal90001.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6429967665884088973%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D10825d82-0333-4f00-8aaf-f187f5b1c6bd%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=2075575171439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90001.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6429967665884088973%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D10825d82-0333-4f00-8aaf-f187f5b1c6bd%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=2075575171439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 268
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 282
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1

271 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
66 KB
15 KB
Document
General
Full URL
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79833f34aa21fd056a7e20d93c184a59c8a9fe462de04c6f7ea6fa8f83ad1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/emotet-botnet-is-back-servers-active-across-the-world/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7a0518de88065483552aa88e0c8e215f1568802185; expires=Thu, 17-Sep-20 10:23:05 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly session_id=b781e79de90229d62fc8811b295c7c67; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=6666; expires=Fri, 18-Oct-2019 10:23:06 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Fri, 23 Aug 2019 14:39:05 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51829a3e3ff8bd91-AMS
content-encoding
br
css
fonts.googleapis.com/
14 KB
897 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 18 Sep 2019 10:23:06 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 18 Sep 2019 10:23:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:06 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/
111 KB
17 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
107712
cf-polished
origSize=137522
status
200
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 26 Mar 2019 04:25:05 GMT
cache-control
max-age=3024000
cf-ray
51829a4288bec853-AMS
cf-bgj
minify
main.css
www.bleepstatic.com/css/redesign/
51 KB
10 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
1144674
cf-polished
origSize=60842
status
200
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 14 Mar 2019 04:21:16 GMT
cache-control
max-age=3024000
cf-ray
51829a4288bfc853-AMS
cf-bgj
minify
home.css
www.bleepstatic.com/css/redesign/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2982961
cf-polished
origSize=14998
status
200
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 27 Mar 2019 21:45:08 GMT
cache-control
max-age=3024000
cf-ray
51829a4288c0c853-AMS
cf-bgj
minify
news.css
www.bleepstatic.com/css/redesign/
27 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c237e0ee4bb4f57215b8ea2c46b4c70b62bfdc6753cc019971ded30e06c96246

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2824607
cf-polished
origSize=32759
status
200
last-modified
Fri, 09 Aug 2019 18:26:37 GMT
server
cloudflare
etag
W/"3737855504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 20 Sep 2019 17:46:18 GMT
cache-control
max-age=3024000
cf-ray
51829a4288c1c853-AMS
cf-bgj
minify
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/
94 KB
32 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
age
2914074
status
200
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
51829a4288c2c853-AMS
expires
Thu, 28 Mar 2019 16:53:04 GMT
news.js
www.bleepstatic.com/js/redesign/
183 B
252 B
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
536816
cf-polished
origSize=247
status
200
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 21 Mar 2019 05:10:14 GMT
cache-control
max-age=3024000
cf-ray
51829a4288c4c853-AMS
cf-bgj
minify
connatix.renderer.infeed.min.js
cdn.connatix.com/min/
957 B
1 KB
Script
General
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
444d73420e7332d529b73c2d01f065e99031764eb10ec6b1c6b52065747f865b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-hhn4056-HHN
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1568802187.618719,VS0,VE0
content-length
957
retry-after
0
x-cache-hits
0
widgets.js
platform.twitter.com/
95 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DF) /
Resource Hash
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 17:14:55 GMT
Server
ECS (fcn/40DF)
Etag
"2de633c541519a6e0e3cc9b2a90013da+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28608
qc-consent.js
www.bleepstatic.com/js/qc-consent/
3 KB
1 KB
Script
General
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
29433
cf-polished
origSize=3848
status
200
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Wed, 27 Mar 2019 02:09:12 GMT
cache-control
max-age=3024000
cf-ray
51829a42f99fc853-AMS
cf-bgj
minify
js
www.googletagmanager.com/gtag/
69 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1903602c3145b18067c0ca07595f5096a29ce615fcd72dab63784695b4c9eae8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
last-modified
Wed, 18 Sep 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
27177
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:06 GMT
logo.png
www.bleepstatic.com/images/site/
1 KB
1 KB
Image
General
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
722658
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 11 Aug 2019 01:38:27 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a42f9a1c853-AMS
cf-bgj
imgq:85
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
1 KB
Script
General
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1192
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1181
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:33:14 GMT

Redirect headers

date
Wed, 18 Sep 2019 10:23:06 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
266
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
95 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6dec8a911924c0098fa147b9c983693d079299d19a9e89ee23a913e6f352e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
35325
x-xss-protection
0
server
cafe
etag
5424778929673075744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Sep 2019 10:23:06 GMT
twitter.png
www.bleepstatic.com/images/site/login/
475 B
615 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
2286084
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a42f9a2c853-AMS
content-length
475
expires
Fri, 24 May 2019 23:15:26 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/
44 KB
10 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2956039
cf-polished
origSize=65813
status
200
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 28 Mar 2019 05:13:57 GMT
cache-control
max-age=3024000
cf-ray
51829a42f9a3c853-AMS
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/
5 KB
2 KB
Script
General
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
age
2944200
status
200
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
51829a42b910c853-AMS
expires
Thu, 28 Mar 2019 08:32:18 GMT
bleep.js
www.bleepstatic.com/js/redesign/
3 KB
800 B
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
451693
cf-polished
origSize=3600
status
200
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Fri, 22 Mar 2019 04:49:09 GMT
cache-control
max-age=3024000
cf-ray
51829a42f9a4c853-AMS
cf-bgj
minify
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/
31 KB
9 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
190376
cf-polished
origSize=48706
status
200
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Mon, 25 Mar 2019 04:42:04 GMT
cache-control
max-age=3024000
cf-ray
51829a42f9a6c853-AMS
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/
8 KB
3 KB
Script
General
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
age
535003
status
200
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
51829a42c940c853-AMS
expires
Thu, 21 Mar 2019 05:36:11 GMT
addthis_widget.js
s9.addthis.com/js/300/
349 KB
113 KB
Script
General
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
d6d912ff99935b5bea175a599032c6d052cfa22e6ecf9137eead601a393051b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 14:27:10 GMT
server
nginx/1.15.8
etag
"5d80ed3e-5755d"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 18 Sep 2019 10:23:06 GMT
x-host
s9.addthis.com
content-length
115051
pubfig.min.js
a.pub.network/bleepingcomputer-com/
435 KB
117 KB
Script
General
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f29b545ddb8edb38a74d6d22236b39b9c8bbf39207f429e74a1a32615dfcdbc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AEnB2UowfgSKBIYMP9fnVbYTGBv0GPa36M4UGRUAmdd01NTYAJnFsJ-HQCsTYdBSjVtNxtIauG4OM6hCFw_uuZYfbjLvvFxV5w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 09 Sep 2019 20:24:12 GMT
server
cloudflare
etag
W/"e8fe0901e3d368e0cefe32e595688a8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=78eitw==, md5=6P4JAePTaODO/jLllWiKjg==
x-goog-generation
1568060652201837
cache-control
public, max-age=1800
x-goog-stored-content-length
444729
cf-ray
51829a434d6acbd0-VIE
expires
Wed, 18 Sep 2019 10:53:07 GMT
fab.js
ecdn.analysis.fi/static/js/
2 KB
1 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.79.175.86 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-178-79-175-86.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
6c8d16fd525d689560442806ff2b2e6909949950453cb8215aa30ab3da66845f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:22:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-3ab"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
939
Expires
Wed, 18 Sep 2019 11:22:38 GMT
login_bg.png
www.bleepstatic.com/images/site/
187 B
279 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
2279414
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a4309b4c853-AMS
content-length
187
expires
Sat, 25 May 2019 01:06:01 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 14:56:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2143572
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11016
x-xss-protection
0
expires
Sun, 23 Aug 2020 14:56:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 18:28:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1353299
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11020
x-xss-protection
0
expires
Tue, 01 Sep 2020 18:28:07 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/
83 B
198 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
age
2283134
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a4319e6c853-AMS
content-length
83
expires
Fri, 24 May 2019 23:57:34 GMT
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1724/min/ Frame CF3B
716 KB
186 KB
Script
General
Full URL
https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2d702a47207c7b825e20444afb2b9cec3aa53f1c7d3b9d023e33026b7c70a5e1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
age
437471
x-cache
MISS, HIT
status
200
content-length
189891
x-served-by
cache-dca17728-DCA, cache-hhn4056-HHN
access-control-allow-origin
*
last-modified
Fri, 13 Sep 2019 08:50:46 GMT
x-timer
S1568802187.739285,VS0,VE0
etag
"63cee54c9a8ae6eed3bb9488080cc472"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
0, 14806
20x20-printer.png
www.bleepstatic.com/images/site/
422 B
589 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
1159198
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 05 Oct 2019 00:23:08 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a433a31c853-AMS
cf-bgj
imgq:85
calendar.png
www.bleepstatic.com/images/site/
129 B
223 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1683827
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a433a33c853-AMS
content-length
129
expires
Fri, 31 May 2019 22:31:50 GMT
clock.png
www.bleepstatic.com/images/site/
252 B
426 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
1161760
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 04 Oct 2019 23:40:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a433a34c853-AMS
cf-bgj
imgq:85
comment-light.png
www.bleepstatic.com/images/site/
96 B
269 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
1766323
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 27 Sep 2019 23:44:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a433a35c853-AMS
cf-bgj
imgq:85
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:41:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
2079704
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11180
x-xss-protection
0
expires
Mon, 24 Aug 2020 08:41:22 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:44:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2079530
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11056
x-xss-protection
0
expires
Mon, 24 Aug 2020 08:44:16 GMT
32x32-printer.png
www.bleepstatic.com/images/site/
256 B
566 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
1164277
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 04 Oct 2019 22:58:28 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a434a59c853-AMS
cf-bgj
imgq:85
f6ed52794113bed991ef57a9029d9e70.jpg
www.bleepstatic.com/author/photos/
7 KB
7 KB
Image
General
Full URL
https://www.bleepstatic.com/author/photos/f6ed52794113bed991ef57a9029d9e70.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cdcb6c15e64a5c414ce8c8726bb1c9b57e7dfeae98b6099dfd280ba633418c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
534849
cf-polished
degrade=85, origSize=52423, status=webp_bigger
status
200
content-length
7067
last-modified
Wed, 08 Aug 2018 21:58:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 14 Jun 2019 05:36:57 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a434a5ac853-AMS
cf-bgj
imgq:85
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 15:12:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
1969865
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
8024
x-xss-protection
0
expires
Tue, 25 Aug 2020 15:12:01 GMT
cmp.js
quantcast.mgr.consensu.org/
177 KB
44 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:22:24 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:55 GMT
server
AmazonS3
age
1496
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA56
x-amz-cf-id
Zs5qopaAiTRx6mZnIN55hCqR77EQIgxNgV_myq8gFqFVPqMMddGIwQ==
via
1.1 4b35c814a2788c09b015e4cc052e552f.cloudfront.net (CloudFront)
h4-bg.png
www.bleepstatic.com/images/site/
72 B
194 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
2282934
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a437addc853-AMS
content-length
72
expires
Sat, 25 May 2019 00:08:06 GMT
news_email_icon.png
www.bleepstatic.com/images/site/
126 B
294 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
1160934
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 04 Oct 2019 23:54:11 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a437adfc853-AMS
cf-bgj
imgq:85
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5973
date
Wed, 18 Sep 2019 08:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 18 Sep 2019 10:43:33 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/
218 KB
80 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
82154
x-xss-protection
0
server
cafe
etag
11959035575636662538
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Sep 2019 10:23:06 GMT
news_footer_icon.png
www.bleepstatic.com/images/site/
186 B
278 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
2378417
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a439b10c853-AMS
content-length
186
expires
Thu, 23 May 2019 21:41:26 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/ Frame 8E17
218 KB
80 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
82154
x-xss-protection
0
server
cafe
etag
11959035575636662538
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Sep 2019 10:23:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/ Frame 20F6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190916/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 16 Sep 2019 14:13:05 GMT
expires
Mon, 30 Sep 2019 14:13:05 GMT
content-type
text/html; charset=UTF-8
etag
14866779439905550351
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7273
x-xss-protection
0
cache-control
public, max-age=1209600
age
159001
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
g
ck.connatix.com/
46 B
103 B
Script
General
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_b6a212533b6d688bbe0f1568802186844
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
511ef1b3982c438b86a27cbc14ffdacee595fcf6a3863312d0c3e063528161d8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-hhn4056-HHN
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1568802187.861220,VS0,VE0
content-length
46
retry-after
0
x-cache-hits
0
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1897262523&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ul=en-us&de=UTF-8&dt=Emotet%20Botnet%20Is%20Back%2C%20Servers%20Active%20Across%20the%20World&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=20296820&gjid=2088533784&cid=1642976656.1568802187&tid=UA-91740-1&_gid=1324694396.1568802187&_r=1&gtm=2ou9b0&z=17481600
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v25/ Frame 8A46
0
0
Document
General
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:d800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v25/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Wed, 18 Sep 2019 10:18:14 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
vOH2OrdRJbeJ8Vf2JbkFN5mj4Eoy4FvihdN-cfWBbboQFI55MPHGRg==
age
715
pls
core.connatix.com/ Frame CF3B
8 KB
3 KB
Script
General
Full URL
https://core.connatix.com/pls?callback=jQuery32105528102601338849_1568802186841&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c_v=1724_0_0_1_0&page_guid=1e1d2c9ee2a950bfe0801568802186899&spp=1&_=1568802186842
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.131.34 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-131-34.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
eb7a00d129fca004e51bfb80284a4b5c63676184c43233ba787db74e553f6085

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
access-control-allow-origin
*
widget_iframe.d6364fae9340b0be5f13818370141fd0.html
platform.twitter.com/widgets/ Frame C51C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fwww.bleepingcomputer.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40AE) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Sep 2019 10:23:06 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 17 Sep 2019 17:14:06 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40AE)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
Emotet01.jpg
www.bleepstatic.com/content/hl-images/2019/08/23/
313 KB
314 KB
Image
General
Full URL
https://www.bleepstatic.com/content/hl-images/2019/08/23/Emotet01.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
235317084559b00e0e99260796052636e0e9b413a9cc9fc48d5860bacfbb70bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Aug 2019 12:22:50 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a445d2ac853-AMS
content-length
320617
expires
Fri, 18 Oct 2019 10:23:06 GMT
292x176_windows-defender.jpg
www.bleepstatic.com/content/hl-images/2018/11/26/thumb/
2 KB
2 KB
Image
General
Full URL
https://www.bleepstatic.com/content/hl-images/2018/11/26/thumb/292x176_windows-defender.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffe3a7e36e4040d985f550a42ecaf3eb3a3c38ddfee44cb056e9cc66132ff79

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
164845
cf-polished
qual=85, origFmt=jpeg, origSize=3694
status
200
content-disposition
inline; filename="292x176_windows-defender.webp"
content-length
1824
last-modified
Tue, 27 Nov 2018 01:45:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 16 Oct 2019 12:35:40 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a445d2ec853-AMS
cf-bgj
imgq:85
292x176_AttackedPorts.png
www.bleepstatic.com/content/posts/2019/09/16/thumb/
78 KB
79 KB
Image
General
Full URL
https://www.bleepstatic.com/content/posts/2019/09/16/thumb/292x176_AttackedPorts.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f568903f0c94a9cf128ea5b5e3e4d535600f0c52fd0c509e4a77bf720d60c2c6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
cf-cache-status
HIT
age
70988
cf-polished
origFmt=png, origSize=134407
status
200
content-disposition
inline; filename="292x176_AttackedPorts.webp"
content-length
80204
last-modified
Mon, 16 Sep 2019 23:53:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 17 Oct 2019 14:39:57 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a445d2fc853-AMS
cf-bgj
imgq:85
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/
2 KB
924 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
cache-tag
ra-561517d2c7f964d6
etag
-1808207170--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=29, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2909780
cf-polished
origSize=4895
status
200
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 28 Mar 2019 18:04:30 GMT
cache-control
max-age=3024000
cf-ray
51829a448dafc853-AMS
cf-bgj
minify
font-awesome.css
www.bleepstatic.com/css/redesign/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
623390
cf-polished
origSize=26776
status
200
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 03 Jul 2019 05:12:31 GMT
cache-control
max-age=3024000
cf-ray
51829a448db0c853-AMS
cf-bgj
minify
cmpui-popup.js
static.quantcast.mgr.consensu.org/v25/
210 KB
57 KB
Script
General
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:d800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78c372f8aece809225131a8fe9f7b117cf1675c07bcaade16598740bac0ed36c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:19:49 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
server
AmazonS3
age
308
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
3vmj1Jie59zTK13yKQzcaRoQM6VlwkH8ir5thILKPKoV0iLxAC8RsA==
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
ads
googleads.g.doubleclick.net/pagead/ Frame D19E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1566571145&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1568802186806&bpp=23&bdt=211&fdt=176&idt=176&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1773332346897&frm=20&pv=2&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2629632&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5395&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.jdu62hil2as2&fsb=1&xpc=W3kT23GCa0&p=https%3A//www.bleepingcomputer.com&dtd=191
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1566571145&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1568802186806&bpp=23&bdt=211&fdt=176&idt=176&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&correlator=1773332346897&frm=20&pv=2&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2629632&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5395&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.jdu62hil2as2&fsb=1&xpc=W3kT23GCa0&p=https%3A//www.bleepingcomputer.com&dtd=191
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Sep 2019 10:23:07 GMT
server
cafe
content-length
27459
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 18-Sep-2019 10:38:07 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Wed, 18 Sep 2019 10:23:07 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1568632677987726"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
29135
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:07 GMT
moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js
platform.twitter.com/js/
24 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AF) /
Resource Hash
57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 17:14:00 GMT
Server
ECS (fcn/41AF)
Etag
"193d41dde5636e7f143422dcf5051b6d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
7914
tweet.b2d749028be81f16d9cb4994d9692feb.js
platform.twitter.com/js/
19 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.b2d749028be81f16d9cb4994d9692feb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D8) /
Resource Hash
2137b85fb02da63ebddb0df947618705e590cac29d7dd5e268337e92ebf6751e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 17:14:00 GMT
Server
ECS (fcn/40D8)
Etag
"add928b0d9be8cf878d1c1f13a904301+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
6281
fontawesome-webfont.woff
www.bleepstatic.com/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
783
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
51829a452cb39bfd-AMS
access-control-allow-origin
*
content-length
65452
ads
googleads.g.doubleclick.net/pagead/ Frame DAB8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1566571145&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568802186914&bpp=13&bdt=319&fdt=111&idt=111&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=1773332346897&frm=20&pv=1&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2251799855636480&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=1.22oyqhtdgvq1&fsb=1&dtd=115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1566571145&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1568802186914&bpp=13&bdt=319&fdt=111&idt=111&shv=r20190916&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=1773332346897&frm=20&pv=1&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&ga_fc=0&iag=0&icsg=2251799855636480&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=1.22oyqhtdgvq1&fsb=1&dtd=115
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Sep 2019 10:23:07 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 18-Sep-2019 10:38:07 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Wed, 18 Sep 2019 10:23:07 GMT
cache-control
private
vendorlist.json
vendorlist.consensu.org/
87 KB
16 KB
XHR
General
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
537487518278d08ff3933b0a4046f313d77120f0057d292ccb800c3411429f74

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
EgOLFkWeU9MumljknAhNz48AtS5mpXCd
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
53817
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 12 Sep 2019 16:00:18 GMT
server
AmazonS3
date
Tue, 17 Sep 2019 19:26:11 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
pXGAIm7SLn--14qgBBsnfdcP6MiZjMdM1Z8zq9UVt6h2fheMOBK9gg==
/
audit.quantcast.mgr.consensu.org/
80 B
486 B
XHR
General
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1568802187041;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F;;;;;p,off,false,,1,en;CMP_Display:initializationdisplay,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 07:29:19 GMT
via
1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
vary
Origin
age
10429
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
sdRTj-m0J0mviuZqEB9uMtxxU4_UAaFRDicELTeWY9UU982GAONo5g==
syndication
syndication.twitter.com/i/jot/
43 B
337 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1568802187059%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Wed, 18 Sep 2019 10:23:07 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2930ebf0f34d85392a586b494b361187
x-transaction
0099e29100e597e4
expires
Tue, 31 Mar 1981 05:00:00 GMT
tweets.json
cdn.syndication.twimg.com/
17 KB
3 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1164619002259185664-t%2C1164629884439879680%2C1164899159431946240-t&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0200
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
tsa_f /
Resource Hash
8aebd7cff13dca5a8ee6d79d574b0e76aa199b219c7fad5835291427adb8d0d4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-disposition
attachment; filename=jsonp.jsonp
content-length
2478
x-xss-protection
0
x-response-time
129
last-modified
Wed, 18 Sep 2019 10:23:07 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=60
x-connection-hash
1f6a3d873046decd7f6e44cb74489a1f
timing-allow-origin
*
x-transaction
00fc74a60091aede
expires
Wed, 18 Sep 2019 10:24:07 GMT
CookieAccess
api.quantcast.mgr.consensu.org/
30 B
596 B
XHR
General
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.69 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-69.fra53.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
ca017e80-03f9-4df0-a530-d4b4c661cee5
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
ANXNyHhHIAMFl8w=
content-length
50
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-trace-id
Root=1-5d82058b-d96597eca1415372d6a114be;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
IU6cNl87tV_G1k-aOiAOx_QyGh4miGeybjtceCGG-PjDSxY_Rl4M-g==
layers.8eebb73346d2e9041c7a.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.8eebb73346d2e9041c7a.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
055de8868a2f067358a5abf7a789ce7b5c2d7d6793ae839e3e0c494bfc8379db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 11 Sep 2019 20:38:55 GMT
server
nginx/1.15.8
etag
W/"5d795b5f-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 18 Sep 2019 10:23:07 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77529
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/
329 B
375 B
Script
General
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c_ivt=0&connatix_sess=qeturSJgqoCA3opWL_ptNePXTxuAV2NbPMwhkq1QDngoHotLwOHjhhmrE865hluMNcEIGhQSC-oEdPg7mKwbaqAlIEYOCGWLt9A1wFNc63hE33bsSdzBEkIn9-V4GlzLxRKwXGAHe3Dxvz36gHc11I44ixxWNhYuAuZBdXJRJN0tJOttO4K3sX7SZPVzGrf6&notServed=false&xplr=true&c_s=false&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&gdpr=1&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1&callback=cnxJSONP_f75302199ce0b935d4b91568802187270
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.195.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-195-52.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
2d71a6cdc27ead2e1573baf2393b4fba17802dd4d009c0d7ba5d25903ced83ae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:08 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
187
266.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/
91 KB
91 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/266.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
97a14d08d1a0b888930ca73b02789dce46222fe4d4966d262a1e4f30326ae1cd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
45068
x-served-by
cache-sjc3141-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282140,VS0,VE1
content-length
93309
x-cache-hits
2, 1
1.jpg
i.connatix.com/s3/connatix-uploads/600bf5fe-1ab7-4fcc-b0a7-164893a4d009/
123 KB
123 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/600bf5fe-1ab7-4fcc-b0a7-164893a4d009/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
502e2d68eebfd5f94df29568c8725fa6109f2e8215300c1f34e15f87ed24aeb0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
33536
x-served-by
cache-sjc3145-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282148,VS0,VE1
content-length
125960
x-cache-hits
1, 1
1.jpg
i.connatix.com/s3/connatix-uploads/172717ac-5021-4885-a279-b91eef26b719/
64 KB
65 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/172717ac-5021-4885-a279-b91eef26b719/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d6161bbd6a0b0e633c76312aee3eefd52600990feece1abfb426c04b19ca2df3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
45068
x-served-by
cache-sjc3147-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282020,VS0,VE0
content-length
65880
x-cache-hits
2, 3
1.jpg
i.connatix.com/s3/connatix-uploads/229403d5-e7e1-494e-abbb-f9b01452817d/
78 KB
78 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/229403d5-e7e1-494e-abbb-f9b01452817d/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fe90507931ad98f0c9bde0cb1d852e829e234e6b731486becbd1d7e19067d3dc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
45068
x-served-by
cache-sjc3140-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282011,VS0,VE1
content-length
80047
x-cache-hits
3, 1
1.jpg
i.connatix.com/s3/connatix-uploads/05875c87-70e5-4c17-9fb6-f3b7ddd375de/
97 KB
97 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/05875c87-70e5-4c17-9fb6-f3b7ddd375de/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e1d9d600c635a50b91f8a197252ea3ce07f334bda185fc627cdee4081068a852

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
45068
x-served-by
cache-sjc3131-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282170,VS0,VE1
content-length
99122
x-cache-hits
2, 1
1.jpg
i.connatix.com/s3/connatix-uploads/eb21898e-e484-4b9d-990c-50dac6a56806/
105 KB
105 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/eb21898e-e484-4b9d-990c-50dac6a56806/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a40b9206f0d11b6147523e3805c5eb22e2cae24851a5350a21889cb40d74ddba

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
45068
x-served-by
cache-sjc3128-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.282032,VS0,VE0
content-length
107877
x-cache-hits
1, 234
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/
7 KB
7 KB
Image
General
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
cf-cache-status
HIT
age
1612869
cf-polished
origFmt=png, origSize=15281
status
200
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
content-length
7156
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 29 Sep 2019 18:21:58 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
51829a468bcfc853-AMS
cf-bgj
imgq:85
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame CF3B
23 KB
23 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 varnish, 1.1 varnish
age
1852404
x-served-by
cache-sjc3139-SJC, cache-hhn4056-HHN
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1568802187.296065,VS0,VE0
content-length
23507
x-cache-hits
1, 1
pixel
cm.g.doubleclick.net/ Frame CF3B
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=7889d696ae13e2ec4d131...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=7889d696ae13e2ec...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0

r
trk.connatix.com/ Frame CF3B
0
162 B
Image
General
Full URL
https://trk.connatix.com/r?connatix_sess=qeturSJgqoCA3opWL_ptNePXTxuAV2NbPMwhkq1QDngoHotLwOHjhhmrE865hluMNcEIGhQSC-oEdPg7mKwbaqAlIEYOCGWLt9A1wFNc63hE33bsSdzBEkIn9-V4GlzLxRKwXGAHe3Dxvz36gHc11I44ixxWNhYuAuZBdXJRJN0tJOttO4K3sX7SZPVzGrf6&videoID=639404&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.65.212 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-222-65-212.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:07 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/
51 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E3) /
Resource Hash
82362621d84dafedb468e0a04d88dcc0730114e52b6907a2e89141e7ae379aed

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Sep 2019 22:11:05 GMT
Server
ECS (fcn/40E3)
Etag
"98ef2a3a88ab7443920fb6114193c099+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
11553
tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/
51 KB
51 KB
Image
General
Full URL
https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E3) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Sep 2019 22:11:05 GMT
Server
ECS (fcn/40E3)
Etag
"98ef2a3a88ab7443920fb6114193c099+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
11553
LN3vmn2K_normal.jpg
pbs.twimg.com/profile_images/992727929074475008/
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/992727929074475008/LN3vmn2K_normal.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418A) /
Resource Hash
e4ab4a6bcf67f50610fb39af3ab7afb69b1daf39b641e1b046d01372287b70fd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
1807
x-response-time
151
surrogate-key
profile_images profile_images/bucket/9 profile_images/992727929074475008
last-modified
Sat, 05 May 2018 11:27:16 GMT
server
ECS (fcn/418A)
strict-transport-security
max-age=631138519
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1f88b25957ef25ff1807ca60334d9858
accept-ranges
bytes
U2Vdr6oI_normal.jpg
pbs.twimg.com/profile_images/1083854233483399171/
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1083854233483399171/U2Vdr6oI_normal.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AC) /
Resource Hash
cea82d67689c1c17b9ba59f2b218bf4d7c60d660f1dfed642759c08442e0ef06
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
2111
x-response-time
182
surrogate-key
profile_images profile_images/bucket/6 profile_images/1083854233483399171
last-modified
Fri, 11 Jan 2019 22:30:40 GMT
server
ECS (fcn/41AC)
strict-transport-security
max-age=631138519
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5417698c71c4e4caea8b47ce23c38cab
accept-ranges
bytes
j8XKLVA0_normal.jpg
pbs.twimg.com/profile_images/1158493587484696576/
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1158493587484696576/j8XKLVA0_normal.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4191) /
Resource Hash
1bf7f942638a5a657d1fa10cd2e2e50f6d78cba23e60e61393191330fae38d27
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
2263
x-response-time
187
surrogate-key
profile_images profile_images/bucket/0 profile_images/1158493587484696576
last-modified
Mon, 05 Aug 2019 21:40:49 GMT
server
ECS (fcn/4191)
strict-transport-security
max-age=631138519
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
abbbb6c4fe72774df8b05021f5f4875c
accept-ranges
bytes
truncated
/
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
707 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
600 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
323 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
835 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 12:03:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1376391
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
7924
x-xss-protection
0
expires
Tue, 01 Sep 2020 12:03:16 GMT
cookie
d.pub.network/
36 B
527 B
XHR
General
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
45a94e89040b9d051c9cadd268df009d71ec7478bffe770492f21d6f7a2bce5f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:07 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gallery.js
freestar-io.videoplayerhub.com/
71 KB
17 KB
Script
General
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-60.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82608c622156adaadee6df53da087724b6477470251a5873610327e57c811af0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
PimPY0Y1xInj_fYKkN9NpibZ3t3fpdBf
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 19:38:36 GMT
Server
AmazonS3
Age
25
Date
Wed, 18 Sep 2019 10:22:59 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
WgkJ7jBUTvwsKjWCwvjcry9UzoN6IWqBcaWdG4vl48V7TxB9nspAQA==
gpt.js
www.googletagservices.com/tag/js/
41 KB
13 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b845f2d1f90649b1f179899e2655575fe42f844a32206ae95e864c1723541acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"282 / 282 of 1000 / last-modified: 1568744087"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
13148
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:07 GMT
prebid-analytics-2.25.6.js
a.pub.network/core/
378 KB
112 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-2.25.6.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30ad4f8025ecae16f7b285399d479a84e0d6e0954d2451581433b974047baf0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
AEnB2Uoki7wiIOdS4_rGBLwV7CifaL038CHZGztR_5HMQ9AhE4hNWp5jpP421iV4O-IGSlwM1gv7rWyMvRczp_sSky64zz0c4w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Wed, 28 Aug 2019 19:18:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=NlTzPg==, md5=L7+pLA3HeBg1O8wR9Z/+Bg==
x-goog-generation
1567019884056381
cache-control
public, max-age=31536000
x-goog-stored-content-length
387444
cf-ray
51829a47ca92cbd0-VIE
expires
Thu, 17 Sep 2020 10:23:07 GMT
location
d.pub.network/
65 B
384 B
XHR
General
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
1a69f53445712daa0b82d80e32696b95d81b6a301d7cbfedafd9945571941456

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:08 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2019090901.js
securepubads.g.doubleclick.net/gpt/
157 KB
58 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Sep 2019 13:07:13 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59061
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:07 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
234 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=981ff155d1254d9b3b651568802187520&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
p2
sb.scorecardresearch.com/ Frame CF3B
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&n...
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1568802187550&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c8=&c9=&cs_ucfr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1568802187550&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c8=&c9=&cs_ucfr=0
Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
g
rtb.connatix.com/
329 B
377 B
Script
General
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c_ivt=0&connatix_sess=qeturSJgqoCA3opWL_ptNePXTxuAV2NbPMwhkq1QDngoHotLwOHjhhmrE865hluMNcEIGhQSC-oEdPg7mKwbaqAlIEYOCGWLt9A1wFNc63hE33bsSdzBEkIn9-V4GlzLxRKwXGAHe3Dxvz36gHc11I44ixxWNhYuAuZBdXJRJN0tJOttO4K3sX7SZPVzGrf6&notServed=false&xplr=true&c_s=false&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&gdpr=1&med_id=639404&req_no=1&v=2&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1&callback=cnxJSONP_fde351b4b1ff5c8692ee1568802187553
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.195.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-195-52.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
35cb0cfceecd6f21f28ea01abbe5fe24d7dbca31b5bb88289a74fbbdd529ab18

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:08 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
189
vwt
trk.connatix.com/ Frame CF3B
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?id_cl=00035613c417417d42471568802187238&c_vid=639404&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.65.212 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-222-65-212.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:07 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
vwt
trk.connatix.com/ Frame CF3B
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?connatix_sess=qeturSJgqoCA3opWL_ptNePXTxuAV2NbPMwhkq1QDngoHotLwOHjhhmrE865hluMNcEIGhQSC-oEdPg7mKwbaqAlIEYOCGWLt9A1wFNc63hE33bsSdzBEkIn9-V4GlzLxRKwXGAHe3Dxvz36gHc11I44ixxWNhYuAuZBdXJRJN0tJOttO4K3sX7SZPVzGrf6&c_vid=639404&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.65.212 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-222-65-212.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:07 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
apstag.js
c.amazon-adsystem.com/aax2/
75 KB
22 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
f31d00a72b38535ab0e9615410790bdd191ce7247198d172e7dcfd6913dbb70f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 17:15:32 GMT
content-encoding
gzip
server
Server
age
61654
etag
cb11f28997167e6ef1527a7077c2cf8c
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
5lXfylYt16feIodJyw-NreHs1mylzzXiQiEkjOJQG7C4OxEedes-UQ==
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
nncoection
close
config.js
confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/
172 KB
36 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b31bd65f1a564e90d8742cb1a8799eb932025fc838cf247ab89c5394482a97

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Age
3351
X-Cache
HIT
Connection
keep-alive
Content-Length
36459
x-amz-id-2
jTZtfOHd7YiGtO7GoCm08Kue+QI8NG5QuAGfoaJ1yYU+fJz//jABOfNsiVCDxgFa+kpU82WTRyU=
X-Served-By
cache-fra19183-FRA
Last-Modified
Wed, 18 Sep 2019 09:20:21 GMT
Server
AmazonS3
X-Timer
S1568802188.653642,VS0,VE0
ETag
"03bc032cde36b0787df288384004f4a6"
x-amz-request-id
88DD9BCE429741BF
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
29
v2
d.pub.network/floors/
1 KB
2 KB
XHR
General
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
4fd5bf4f78cfcd3bcb5eb54c6d9cf6e8e9925d29d321a1202866e2a419d3feb5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:07 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
p
sb.scorecardresearch.com/ Frame CF3B
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1568802187549&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=101&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=101&ns_st_dpt=101&ns_st_ipt=101&ns_st_et=101&ns_st_det=101&ns_st_upc=101&ns_st_dupc=101&ns_st_iupc=101&ns_st_upa=101&ns_st_dupa=101&ns_st_iupa=101&ns_st_lpc=101&ns_st_dlpc=101&ns_st_lpa=101&ns_st_dlpa=101&ns_st_pa=101&ns_ts=1568802187651&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c8=&c9=&cs_ucfr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=dfd4bf8c193bf1bf449a1568802187652&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
jot.html
platform.twitter.com/ Frame 3DC5
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.bleepingcomputer.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Sep 2019 10:23:07 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 09 Sep 2019 22:21:05 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DB)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Wed, 18 Sep 2019 10:23:07 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Wed, 18 Sep 2019 10:23:07 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
2930ebf0f34d85392a586b494b361187
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
127
x-transaction
0068338500c040b6
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/201909161255/
25 KB
10 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/201909161255/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf6dfeb55238667742261daf868564936c9c32468d2a3a8e32c8ded0e0627601

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:07 GMT
Content-Encoding
gzip
Age
95
X-Cache
HIT
Connection
keep-alive
Content-Length
9682
x-amz-id-2
qaieBehsiZt5XlztHeQZO78rbZryGXJ3B+YvdIUzh/ZNUvWX0Ft+7q/r5R9bMXzd7SQSmTqSR9Y=
X-Served-By
cache-fra19183-FRA
Last-Modified
Tue, 17 Sep 2019 17:19:39 GMT
Server
AmazonS3
X-Timer
S1568802188.714376,VS0,VE0
ETag
"1a63fd335ff2c1f355dbad15f6672704"
x-amz-request-id
1EDE41A65C744F4C
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
206
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 20:38:25 GMT
content-encoding
gzip
vary
Origin
age
49483
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
lpjCaoDEPeRjIkYwo3BvivvN7zr8e9pbVVIYEB-NFw9wfnsEf1Ys_Q==
beacon.js
ad-delivery.net/
1 KB
991 B
Script
General
Full URL
https://ad-delivery.net/beacon.js
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-87.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 15:06:54 GMT
server
AmazonS3
age
990
date
Wed, 18 Sep 2019 10:07:11 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
AHXt_WnNEYtjJct8sFA234v0qyGv3vgNnu7ApFOZcSCCi4Yyls3Q9Q==
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
/
audit.quantcast.mgr.consensu.org/
80 B
484 B
XHR
General
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1568802187777;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F;;;;;p,off,false,,1,en;Shown,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 18:10:33 GMT
via
1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
vary
Origin
age
7623
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
FjswYkcTvdXrZd8cSonK9tDdr_g5v05RcHbKLraH0ajfNtibh-dfOA==
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=aa29107f3910455c0f141568802187802&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
47 B
397 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&pid=8915218789891568802187736&cb=2512037154351568802187815&ws=1600x1200&v=7.36.01&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
1859c89b541044355edec58cf4da059ee3c084b76222c37c63052f5a05197fc7

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
IAaWroPBtyQb94gYPkb4Yh1Fl71eR6nntRV_rjnd8mecHsYlKsg5-g==
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=6e0ae4f9507dc5ad4f9e1568802187898&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:07 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=dabf585091ddaa3295771568802188005&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
49.45d0d44e9b5e129632e0.js
s7.addthis.com/static/
281 B
450 B
Script
General
Full URL
https://s7.addthis.com/static/49.45d0d44e9b5e129632e0.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201909161255/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66e0f9a747bdd042fb9d01000d611034c4bdd2351cadb25fda445defec19c603

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:08 GMT
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
281
/
graph.facebook.com/
303 B
396 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_fv9z0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2b9ed752b1f7a1b7ff82910bd04de734cbc2c8b1ea01da2170a75e5891034863
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"a1331a0e2d53e46fd72b5f3df874d3c5e287a1e5"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
1001188405
content-length
193
pragma
no-cache
x-fb-debug
49NseSXBprm8QIjZk5HinveDip+XxVXX5vJHfSjTfkDnuj2e/OTpikHOC7ITK2HByywcxauk5d+Y5W4SISktNw==
x-fb-trace-id
EX06Md7/rHD
date
Wed, 18 Sep 2019 10:23:08 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AY9CoXax-kghJglWuJTkvTV
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.10
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/
126 B
692 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&jsonp=_ate.cbs.rcb_7tqx0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
846ee19b60269fda100dd4dcc5fcb45352504cec1d2469b918c302362e76f7e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-fra19135-FRA
x-moose
majestic
expires
-1
server
snooserv
x-timer
S1568802188.088467,VS0,VE746
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
x-cache-hits
0
/
graph.facebook.com/
141 B
570 B
Script
General
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_4jis0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8543535075b0d640008fb97747f5ccd8ee3872abff1aebdde9ba92047afa5dc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
etag
"1f23218f37fc4dfe0412aecf3c4f5192f8e36dfa"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
1001188405
content-length
141
pragma
no-cache
x-fb-debug
MXUcZ4M2ubDqkXsRe0jMfe8jcagSlC4Oeq0oLHSuwj8QETCGuv7HdQvS15NBcygzGvo4YNGS6tYEnliExwzTdg==
x-fb-trace-id
GAaeXNfkdbE
date
Wed, 18 Sep 2019 10:23:08 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AJzMyWeM3kk5lZJ18wS58OF
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.10
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/
126 B
259 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&jsonp=_ate.cbs.rcb_g7rw0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
3d68b2301825ce9b36663634e11c9ac93a648eb4b77a066dc02b5bc94de865a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-fra19135-FRA
x-moose
majestic
expires
-1
server
snooserv
x-timer
S1568802188.088485,VS0,VE776
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
x-cache-hits
0
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=a85679b6467068ee66071568802188120&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=337f3a07f4dcfe62b1b71568802188203&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery.color-2.1.2.min.js
cluster-na.cdnjquery.com/color/
92 B
356 B
Script
General
Full URL
https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1568802188227&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22aebd547b-7784-1137-5d37-20e67e0de959%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.31.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-2-31-64.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
eda198cca01cfbca1bf379b67742566b229c0991739664827ec6b2bf3c02ac45
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:08 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
ETag
W/"5c-BJjCMHQ0nRxS28LTSgZE/CA4A1s"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Charset
utf8
Connection
keep-alive
Content-Length
84
px.gif
ad-delivery.net/
43 B
384 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6276605459120863
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-87.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
AmazonS3
age
46533
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Tue, 17 Sep 2019 21:32:07 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
uwBlashz3ZP4IML9I-U_Z5JIToZfG3qwiFHh_k4fOnAD08CKeaVqAA==
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=80edf37cade79ab554ed1568802188308&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=a0863aac0eeb584c94391568802188407&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=90984f8ab9c2d1a383a31568802188528&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=c0fb33cce83eb04e54d61568802188671&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=dfea0e36b587e21392311568802188774&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=105da8aaff21947b206b1568802188857&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:08 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
45a94e89040b9d051c9cadd268df009d71ec7478bffe770492f21d6f7a2bce5f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:09 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
auction
tlx.3lift.com/header/
19 B
545 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.25.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid_display
display.bfmio.com/
136 B
570 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.175.5 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-225-175-5.compute-1.amazonaws.com
Software
/
Resource Hash
2bc2f923beb057305b24afa9c51491e6e3e1aadb45c16d213e0ca5cae93e1c84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
144
imp
g2.gumgum.com/hbid/
123 B
571 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
afeb5c988e1cf189e21b6b11525e4f24b5d6d955d7fe27e5d879ae75e47357a3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
570 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b92869794d4aefbf198e16f39d20121e4660756f5cf78d8b2c14fc044eff83f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
569 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d3b9282150d7afaa9263d755f3450d2e3234d7aaf159c3de8e415cbe4d3eafaa

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
570 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b332c9810a4dd50bcda1c4b796e08bb51bf911c3f2833f2c2feeddb6ae78ee76

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
0
499 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
570 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3c9f4acd50e3927fb77d3d2744b0258440099664960bcd686b794518aa94a80

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
0
500 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
569 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3feb67bc31f81c3e9e3a1d4fe37036623927464b784bb6abd6e70d87921957d5

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
571 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65ee5406a89efe5f0f53489a8fcfb30674d0d7ca02ebcb07f06d1b36b724958c

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
0
499 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
570 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
38f5f8cd5c5fda4ded160d672e476bb5542fc3e702a3c53a44850a753ba7cacb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
dmx.districtm.io/b/
0
284 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
51829a522af1c84b-AMS
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/
711 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
393703d7785acaf066255fa756de397ff7e250f64a21b6d5cf8407c3a254dc35
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 18 Sep 2019 10:23:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5ea9bed7-f5d4-4814-9057-5310d250cb90
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
724 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
11fb622a8d3e0830daeb3e68573ce4200000b6a4ac1e8b1a66de775a907ec0bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 18 Sep 2019 10:23:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.44:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4957f841-a0e8-45c6-a5db-53387903d5b8
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/
210 B
331 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1df8c4a64148a445a97e79db884ef225a6c91773243119c157b21a4967363b

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
51829a518ff3598e-VIE
alt-svc
clear
via
1.1 google
cygnus
as-sec.casalemedia.com/
25 B
914 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2270c92cfc621ab25%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2271c0d9952954edd%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%227242ad9096b1fa2%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%227393b158238a396%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22747cd82d5b891a8%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2275dcf7e2673dc16%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%227678e909b18d2d5%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22772a85df1d36cdb%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22785cb3501dbf5f1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%227945e79467a240d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2280ecfe45eb551a5%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2281abe76e05fdd67%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%228293db11a98433c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%228351f556d3926a8%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c03bf74cefa77fd7b312c58f119309b4a2b16754bb24075ad5440814748fd7e

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 18 Sep 2019 10:23:09 GMT
/
hb.emxdgt.com/
0
316 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=1200&ts=1568802188985&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 18 Sep 2019 10:23:08 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=89c491d532fe37b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=90648a1877aa56a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=91fed1babd944fd&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=928d7da22e4c9be&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=933dec269c800ff&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=940edaef7c96671&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=95d86a67d6b96f5&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=96d2a81a0831f39&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=97bd17d76fab5fc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=98a2f6339a93921&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=996a6840eb13578&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=100b3e674f6f0c7a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=1012175a3f1f7f6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=10236f92348d57a1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=103c58235a41d7da&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=104f690720bd63ad&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
168 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=105a883753722565&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
freestar-d.openx.net/w/1.0/
175 B
363 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=0d809ff4-cfb1-4d8d-8c83-28966ca98d4f%2C32496333-dde8-4711-b56f-1cbfc8a0617a%2C21f813a4-e3b3-4092-a6d0-160cc0e4d17c%2C15c60f93-e76d-41a9-b8c2-e4c71dc092dd%2Cb0e8bee9-2328-4e2f-9186-fc9d1bc28008%2C2893f492-dc3d-4bcc-b314-9e07d22895f4&nocache=1568802188988&x_gdpr_f=1&pubcid=8456d5b0-afe5-45d2-a074-0e4b44467297&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
eefa2fb2f05b9f0b175b8a18c38b245df7da5153219cc9865fb94ad964d20fcc

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/
534 B
725 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4dbb0d7a9aab9d404ab13a33b8edc915ee1faefd43daec748a821c4459cb126e

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
534
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=0d809ff4-cfb1-4d8d-8c83-28966ca98d4f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9467266828783205
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
347b8ff8ee90634c9d3ea71cb45a94c1c8dd62baa42e7d7cb52bf01edf03e727

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=355
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=32496333-dde8-4711-b56f-1cbfc8a0617a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.03631917430439424
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
d7afc2814615dbb587745a45806573e3c19b9dc8e08d0ae12ea6b87dafc02910

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=240
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=21f813a4-e3b3-4092-a6d0-160cc0e4d17c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7949271428237612
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
72b7b82b18145a70db4cc8bb690f260452de3dd3db1a51b83d1aa01b43e74050

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=437
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=15c60f93-e76d-41a9-b8c2-e4c71dc092dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2722691928490846
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
d86077e61e477ae6338f52a8395adc9e992039f715a860507cf80696b6c65128

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=283
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=b0e8bee9-2328-4e2f-9186-fc9d1bc28008&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2605644224807546
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
6f8a44936bd24db5c54200edf2ef1ed44dcd80496b36b921ddb82f8b8800f5b0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=371
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=2893f492-dc3d-4bcc-b314-9e07d22895f4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21251621161402579
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
9ed49a16cf8b6854c0f3c8bbd18bea92c7059b690a9b16d69c3d8833434a038d

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=426
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
66 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 18 Sep 2019 10:23:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
ads
securepubads.g.doubleclick.net/gampad/
5 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=176970077632908&correlator=1817198228059158&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062414%2C21063047%2C21063636%2C21064169%2C21064527&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190918&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1566571145&dt=1568802189001&dlt=1568802186595&idt=1033&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C6622%2C327%2C1136%2C5037%2C7128%2C1661&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&dssz=58&icsg=2686459904&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x7129%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e74f568e9d5a1d66917a37fbb26fbb7171bf3e052dcf7841e90d789bddfed3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2061
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,4769125089,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,138241540478,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019090901.js
securepubads.g.doubleclick.net/gpt/
62 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Sep 2019 13:07:13 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
24115
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:09 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201909161255/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

bid
c.amazon-adsystem.com/e/dtb/
47 B
401 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&pid=8915218789891568802187736&cb=8526780067711568802189068&ws=1600x1200&v=7.36.01&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
6006bbf34b3125901c8333fe76a9daeb862a8cb76844dbf75140fc0f59cee667

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
B7JA5WV4I2YkLnWjDqsnxWzjv96M7gOjzNPkCK_kjRyF62KH3hlEXQ==
quant.js
secure.quantserve.com/
12 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.210 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18-Sep-2019 10:23:09 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 25 Sep 2019 10:23:09 GMT
bxl.js
hbx.media.net/
16 KB
7 KB
Script
General
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.31 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-68-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94d2da1e1639032b0a185a9f2d6abbf3c7f5dddd9dcaf21941a1dea1f7078f82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400
content-length
6638
x-mnet-hl2
E
expires
Thu, 19 Sep 2019 10:23:09 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Thu, 19 Sep 2019 10:23:09 GMT
load.js
s.ntv.io/serve/
282 KB
83 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b56d484dae3d7041de26ec13b3a3aa54e9c652f1e702033ffb44176a1275933b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:09 GMT
Content-Encoding
gzip
x-amz-request-id
3897D863F56E99B7
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
5ERbrDyo/KUZwEUJd8T9N6qoe8QhJZZdfwFaCkMVXP0Iw3LbA3pKwRoHdxMITsc2j1nRIDPOjIA=
Last-Modified
Thu, 12 Sep 2019 19:04:08 GMT
Server
AmazonS3
ETag
"5dcea17c5e4b3c9d8a23a6ae9147251c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
b1b9220a-9b1d-4e9d-8f77-21d7dc9d4216
d.pub.network/rfm/cookie/
3 B
321 B
XHR
General
Full URL
https://d.pub.network/rfm/cookie/b1b9220a-9b1d-4e9d-8f77-21d7dc9d4216
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:09 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
classification
d.pub.network/
3 B
321 B
XHR
General
Full URL
https://d.pub.network/classification?siteId=535&pageUrl=https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:09 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=957bb2fe28550b1b18a61568802189084&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
b
sb.scorecardresearch.com/
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1568802189146&ns_c=UTF-8&cv=3.1&c8=Emotet%20Botnet%20Is%20Back%2C%20Servers%20Active%20Across%20the%20World&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
v2
i.connectad.io/api/
97 B
642 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b9c5252847cdf2295fe94b5b65406f9bd0b46c5c1ccc88292bf2c22b09203b

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
51829a526896598e-VIE
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/
136 B
570 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.175.5 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-225-175-5.compute-1.amazonaws.com
Software
/
Resource Hash
7e5825d5c855dee230929a99393f7242cb190f69ebb15820ed2e12c9b4039c39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
144
cygnus
as-sec.casalemedia.com/
1 KB
2 KB
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2214528a0d8f37c648%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22146604d82a378684%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22147986ac7a10f733%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f6abffc1195b8b06f6ddf6d7aac5a7f9d103fb91eebea626de9785d12bdc8732

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1006
Expires
Wed, 18 Sep 2019 10:23:09 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/
194 B
384 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
bbf102c5075f97a7a750916e31fce68b9dd30074841cec6a1e16f10328b7ce73

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
arj
freestar-d.openx.net/w/1.0/
175 B
359 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=e958f45b-b257-415b-983b-da592dd79f54&nocache=1568802189173&x_gdpr_f=1&pubcid=8456d5b0-afe5-45d2-a074-0e4b44467297&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
8f0eed2c4b4577fbe95ac13af4ad75470e06aefe42e12c22c8a9e66512371d09

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
865 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:11 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.229:80
AN-X-Request-Uuid
9c742e47-3239-4de9-8777-fabd16ba8031
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/
123 B
495 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pv=e35cef8b-b418-4154-8d05-e7bba6fb76e1&si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3c9f4acd50e3927fb77d3d2744b0258440099664960bcd686b794518aa94a80

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
123 B
495 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pv=e35cef8b-b418-4154-8d05-e7bba6fb76e1&si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ns=9933&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3c9f4acd50e3927fb77d3d2744b0258440099664960bcd686b794518aa94a80

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/
0
66 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 18 Sep 2019 10:23:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=e958f45b-b257-415b-983b-da592dd79f54&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.09487365678716086
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ffe394a02e073e30cace149f2c3b2e38ca91259a0555fa85d9bc00a4b7ec8e13

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=173
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
c5ef160472db06c81136a8fb1f219346e0bd3c6d83dfdaa670332b6fd2a3f10f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:11 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid
354f13a8-1b97-48eb-8d3e-2e8bdeb3aa33
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/
0
37 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
51829a531cf6c84b-AMS
access-control-allow-headers
origin, content-type
checksync.php
hbx.media.net/ Frame D2DF
0
0
Document
General
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.31 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-68-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
hbx.media.net
:scheme
https
:path
/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 21 Mar 2020 10:23:09 GMT; domain=.media.net; Path=/; visitor-id=2118037898735656000V10; Expires=Thu, 17 Sep 2020 10:23:09 GMT; domain=.media.net; Path=/;
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=28575
expires
Wed, 18 Sep 2019 18:19:24 GMT
date
Wed, 18 Sep 2019 10:23:09 GMT
content-length
6513
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
Vg9h4KQU03F0D63i0UxNyK26vVC43TZMKJ1s+lGacV6maSnIRkXXsZXVazCu9ndcMayhYi6ocjWlInrzgJFkXA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 18 Sep 2019 10:23:09 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=305f4f9e4d3a16643ef11568802189186&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:02:41 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
1262
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA56
x-amz-cf-id
vR3bYlC8Nj9qIAAca9ohWun0EMfItMhXSlCaeFILpkRKu-areSLT1A==
via
1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
134240187179576
connect.facebook.net/signals/config/
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c33b559368969ef8c79d2a6a9e5deedf6dc4eae13111a5dca2ed6fdc399d233f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79752
x-xss-protection
0
pragma
public
x-fb-debug
bjl+YxEN/J0QoIIZY0SZQ0Pu8H2Zport4ysznYVF9dp2jpnz1rbSYSe2xVvHE0bqGz+/013FXc+7ySMeR7lTfw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 18 Sep 2019 10:23:09 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
t
jadserve.postrelease.com/
97 B
526 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ntv_mvi
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201909161255/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.22.176 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-217-22-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
tI3nfLQ1eP65HI30EnIv8j6wQky2jvaNaAap6fNK+RiUJTanwANmxBaLP7ZUY2sm9dJO4G+W64bte0b3nsgxZw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 18 Sep 2019 10:23:09 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&rl=&if=false&ts=1568802189255&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568802189255.2132692873&it=1568802189203&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 18 Sep 2019 10:23:09 GMT
/
www.facebook.com/tr/
44 B
200 B
Image
General
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&rl=&if=false&ts=1568802189257&cd[freestar]=b1b9220a-9b1d-4e9d-8f77-21d7dc9d4216&cd[client]=392&cd[site]=535&cd[page]=7e7f061d4693a6cacd797426314d11a4&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568802189255.2132692873&it=1568802189203&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 18 Sep 2019 10:23:09 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=bf97098ce07bd7a4d5e81568802189269&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=bcbf4bd67e0e65828e6a1568802189346&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE8B
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi4tx_ybpZGG4QL70QBtHO66xLl9fdFREfRa-KQiAH-ug-bjBhVpGEgWZKb1fAgysiBOYjhXWwV05uTmIjcavCpwlLwNk63mG7ej-0Ip2i2RaMLc8U33YFFYjZnh0aIjnD28-SyV6qezeMKc2k67Dz0NOgeBg1e56q1_fE7wSaDHltIkL_2gU1Ft-KM1L42w1c--I9wVbEWfOQ-5HJT5luTmgBL7LBUlkdQ1CelwAUiG6TPAvwrAqTeCtRWeWozhDn2d3_XeM5ntmvGknhRrr_lJKdww&sig=Cg0ArKJSzHkGF9qdOEfDEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Sep 2019 10:23:09 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
native-loader.js
video.unrulymedia.com/native/ Frame AE8B
8 KB
4 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a08157b09c1800e35d091d60c4dbea6e644e9cef8455d3fa2b972d9f8c64bbc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:16:08 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Fri, 04 Sep 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 05 Sep 2019 09:14:24 GMT
server
AmazonS3
age
433
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA56
x-amz-cf-id
aSJBnYKdvFe0Mg4sGyOXpHZwJecdByl5-k7bknuBxrOII6cIjZ0FOg==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame AE8B
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1568632677987726"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
29651
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:09 GMT
c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
45a94e89040b9d051c9cadd268df009d71ec7478bffe770492f21d6f7a2bce5f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 18 Sep 2019 10:23:09 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=0d1cb5564dfb0cd5b4461568802189467&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
et_v1.0.1506-0-g3694911.js
video.unrulymedia.com/native/ Frame 8EEB
3 KB
2 KB
Script
General
Full URL
https://video.unrulymedia.com/native/et_v1.0.1506-0-g3694911.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6562895bb17ee8d2b2b1a3e9ef2d1cc977c88e82331e085dff38cea57ca00485

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 07:03:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1653601
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Fri, 28 Aug 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 29 Aug 2019 15:43:46 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56
x-amz-cf-id
TRaNm3C7fIs_ACIAPJlQM2UEKqDH8bFLlcgfZ1voYtSn6FWDkLNl6g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 8EEB
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 11:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1638117
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Aug 2020 11:21:12 GMT
blank.gif
stats3.unrulymedia.com/ Frame AE8B
43 B
568 B
Image
General
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1101818&id=509072398&d=1568802189477&in_iframe=true&h=v1.0.1506-0-g3694911&compat=CSS1Compat&pageLoadId=612448608&supplyMode=direct&unr.site.env=html&ts=2019-09-18T10%253A23%253A09.477-%252B02%253A00
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
54.194.54.228 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-54-228.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:09 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-065.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
truncated
/ Frame AE8B
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7380bd3cfeca403770e39e49079f26b6ca309d61b80c576df3ac43d26db7c1f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=176970077632908&correlator=1817198228059158&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062414%2C21063047%2C21063636%2C21064169%2C21064527%2C21064502&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190918&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%26fs_safeframe%3Dfalse%26custom_bidder_size%3Dix_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D1668bee42f65ada9%26hb_bidder%3Dix&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D77fd8d8af3fbf161%3AT%3D1568802189%3AS%3DALNI_MZYM3s5viN2f0jwvsx75FlMNK7yCw&cookie_enabled=1&bc=31&abxe=1&lmt=1566571145&dt=1568802189544&dlt=1568802186595&idt=1033&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1105&adks=3056404191&ucis=f&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&dssz=67&icsg=10745815040&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&psts=CigI4aWM4hHoAf6C2v6CBIICDfrd4Qby3uEGob7d9lDRAugpFXU7o3oB&ga_vid=1642976656.1568802187&ga_sid=1568802187&ga_hid=1897262523&fws=516&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
20e8edc4933e5ed9acce52bfb2c4c78d8764d2b5c3ab073aa839f9766958a13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1998
x-xss-protection
0
google-lineitem-id
4721361505
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237452901
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
native_v1.0.1506-0-g3694911.js
video.unrulymedia.com/native/ Frame 8EEB
56 KB
16 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native_v1.0.1506-0-g3694911.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b76f163adbbdb47d8b825ceee9c6eac744cb9de13c843f320a17d090afc231c0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 07:03:09 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1653601
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Fri, 28 Aug 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 29 Aug 2019 15:43:45 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56
x-amz-cf-id
F54VvLgN0fArYxSu-qVvHR1PVIzzGQlrFH-RhvosawXtJ8nPgilLBw==
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=6fcfd88a2146a81332531568802189576&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
skin-1101818.json
video.unrulymedia.com/native/skins/ Frame 8EEB
347 B
934 B
XHR
General
Full URL
https://video.unrulymedia.com/native/skins/skin-1101818.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 18 Sep 2019 07:08:49 GMT
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA56
x-cache
Hit from cloudfront
status
200
content-length
347
x-amz-expiration
expiry-date="Sat, 02 May 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Fri, 03 May 2019 20:45:43 GMT
server
AmazonS3
etag
"09362ea19ef8bf59029394bda9399b2f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
ZqxCzgBWeorgSS3D7eudE65FXqTpcRVCLZH1V1u4SsXBNoNYJopGGQ==
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame D7F8
0
0
Document
General
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1506-0-g3694911&siteId=1101818
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201909161255/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html?h=v1.0.1506-0-g3694911&siteId=1101818
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
unruly_u=uid=84CD110A8D05825D7805C93D021B61D0; uid=ChHNhF2CBY09yQV40GEbAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
content-type
text/html
content-length
466
last-modified
Thu, 05 Sep 2019 09:14:26 GMT
x-amz-expiration
expiry-date="Fri, 04 Sep 2026 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges
bytes
server
AmazonS3
date
Wed, 18 Sep 2019 07:08:59 GMT
etag
"9f12c0950e0350140296eca32744d05e"
cache-control
max-age=600
x-cache
Hit from cloudfront
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
ie5zhKaP4lghsTfqWngZehMH2wJqNALSL4Yo2tbpn9L4W9Z86OWTOA==
chunk-vendors~populatePlacement-465c44968aea1f318a35.js
video.unrulymedia.com/native/chunks/ Frame 8EEB
111 KB
30 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-465c44968aea1f318a35.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1506-0-g3694911.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df6180c4d7f87eef7309332e901e4d3d4619d1ceb038050ee3fdf8bedb5bf44d

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Jun 2019 07:05:30 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
8392660
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Thu, 11 Jun 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 12 Jun 2019 14:49:12 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56
x-amz-cf-id
TnoowTHGx5Ed8K3x3bYsn3p6nrVfMwre7Z8QqSyUL431rjDsOrfItg==
chunk-populatePlacement-2a0b9b6c59544804cbe5.js
video.unrulymedia.com/native/chunks/ Frame 8EEB
81 KB
22 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-2a0b9b6c59544804cbe5.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1506-0-g3694911.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.145.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-145-226.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6579b35f61f78040d581b9c1c22d4da9a0db25cade04f41b214ca011de445240

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 07:08:30 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1826080
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Wed, 26 Aug 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 27 Aug 2019 15:41:01 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56
x-amz-cf-id
L5e1Lx5A86eSrkh7JbInadUb6fND-IQavXeRBx6uJ8zR5uwAAyhStw==
blank.gif
stats3.unrulymedia.com/ Frame 8EEB
43 B
456 B
Image
General
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&site.domain=www.bleepingcomputer.com&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1101818&isMobile=false&pageLoadId=612448608&unr.site.env=html&ts=2019-09-18T10%253A23%253A09.708-%252B02%253A00&perf_consent_start=1568802189610&perf_corejs_start=1568802189477&perf_corejs_end=1568802189611&perf_skin_start=1568802189611&perf_skin_end=1568802189644&perf_adAge_start=1568802189707&id=509072398&d=1568802189709&h=v1.0.1506-0-g3694911
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
54.194.54.228 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-54-228.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:09 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-065.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
2.2
targeting.unrulymedia.com/openrtb/ Frame 8EEB
0
172 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/openrtb/2.2?uuid=2e4df11b-0c63-4b2b-88bf-2b5b7002021d&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&site.domain=www.bleepingcomputer.com&video_width=834&video_height=469&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1506-0-g3694911
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-2a0b9b6c59544804cbe5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.189.67 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-189-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 18 Sep 2019 10:23:10 GMT
access-control-allow-credentials
true
x-unruly-server
c7-unrulyx-eu-570b.unrulymedia.com
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CUR IVDo OUR IND"
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=fd9980fde0abdced2b9a1568802189717&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ Frame 0351
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4770
pragma
no-cache
cache-control
no-cache
origin
https://www.bleepingcomputer.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
fr=0qycNXZkHAT05MCli..BdggWN...1.0.BdggWN.
Origin
https://www.bleepingcomputer.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Wed, 18 Sep 2019 10:23:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD6C
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst69muZr5fw8ONeRScEaeVXomD52c-9O0xQlk4BJmjIMSqq4uBA9tps5EJUr9Hsso2tgrYt87b34yQSpmVCqjbkuLptuoAPEWDiKl77vV7olLvam9f2WTADhmBEPdk8Xdy8iDJKXs4vPAJTVs5Zh6nFOSuXwKMu99s6rDScnE_V22RCXa-qZ1l9YRm2iZv3UYG-CQ6s2KzrcYG67Fe4E4gYAgSMLaWjpD2BApjB6xK4NI1R3CCxLkOuudWeOk1y1zr0PY6PUSOELgDUG9D8BdZsLDX2TgmLNOzwg-AMxHEW93GdZLrrWfEh5JnH&sig=Cg0ArKJSzHVEDyeGf5jJEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Sep 2019 10:23:09 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
ifnotify (Cookie set)
a3187.casalemedia.com/ Frame B9F1
0
0
Document
General
Full URL
https://a3187.casalemedia.com/ifnotify?gdprconsent=1&c=1323407&r=C07DD112&t=5D82058D&u=WFlJRmpWVmJMSGNBQUY4ZWVlWUFBQUF0&m=26436fdd74e9783f617ca0dbcce7ca50&wp=2&aid=6F1A934639DFA91D&tid=15063&s=6015A&cp=0.02&n=www.bleepingcomputer.com&pr=xx&epr=14528a0d8f37c648
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.91.44.119 , Ascension Island, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3187.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=XYIFjVVbLHcAAF8eeeYAAAAt; CMPS=3187; CMST=XYIFjV2CBY0B; CMDD=AAYBWgE*; CMPRO=1118
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Set-Cookie
CMST=XYIFjV2CBY4B;domain=casalemedia.com;path=/;expires=Thu, 19 Sep 2019 10:23:10 GMT CMDD=AAYBWgE*;domain=casalemedia.com;path=/;expires=Thu, 19 Sep 2019 10:23:10 GMT CMRUM3=275d82058e0b40&395d82058e27601875819616606837034&035d82058e276010825d82-0333-4f00-8aaf-f187f5b1c6bd&2f5d82058e05a0&515d82058e05a0&045d82058d05a0&bf5d82058e05a0&a65d82058e276000cca4b05ed744008104c408&585d82058e05a0&2e5d82058d05a0&2d5d82058e2760CAESEMZDoNOhg6HEDE2Z6DPk3xc&495d82058e05a00&695d82058e05a0&415d82058e05a0;domain=casalemedia.com;path=/;expires=Thu, 17 Sep 2020 10:23:10 GMT
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
js
tags.mathtag.com/notify/ Frame FD6C
2 KB
1 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTURCak9UaGhaRE10Tm1FeE1TMDJZV0ZoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0Mjk5Njc2NjU4ODQwODg5NzMvNjgxNjAwNC80NzM5NjE5LzE1Lzgwdl9IclliMFRyTXhvVDFTVW5ubGJJSDR1cEJ0X1EyN1RUMENKbkQzWHMvMS8xNS8wLzAvOTk4MDg4LzE0OTU2ODcxNjgvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0Mjk5Njc2NjU4ODQwODg5NzMvYW1zLzAvMzgyLzUxLzk5OS8zMi84OS4zOC45Ni4wLzAuMDAwLzE1Njg4MDIxODkv/jv_X4P8X-MkyzcXw1bbQthJdVSw&nodeid=356&auctionid=6429967665884088973&exch=cas&sid=4739619&cid=6816004&price=0.02&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.154.1 /
Resource Hash
45f9cb99b1bdd660e34f540cba37e0c88dd3f1875a9b365dcdd74cb0067941ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1568802189
Last-Modified
Wed, 18 Sep 2019 10:23:09 GMT
Server
MMBD/3.154.1
x-mm-latency
13 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
zrh-router-x41, cdg-bidder-x53
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 18 Sep 2019 10:23:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame FD6C
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 10:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1568632677987726"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
29651
x-xss-protection
0
expires
Wed, 18 Sep 2019 10:23:09 GMT
pixel
protected-by.clarium.io/ Frame FD6C
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_ZHZTOThJS3dEdWtjRzZnUERZQkJjQ2s5c0tZL2l4OjcyOHg5MA==&v=5&s=v31dl1ubchf&id=eyJwcmViaWQiOnsiYWRJZCI6IjE2NjhiZWU0MmY2NWFkYTkiLCJjcG0iOjAuMDF9fQ%3D%3D&sb=0&cb=6409102&h=www.bleepingcomputer.com&d=eyJ3aCI6IlpIWlRPVGhKUzNkRWRXdGpSelpuVUVSWlFrSmpRMnM1YzB0WkwybDRPamN5T0hnNU1BPT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjcyOHg5MCJdfX0sIndyIjowfQ==
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.27.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-27-222.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:09 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=60bc0773012bf1190fdc1568802189851&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:09 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=80989cd328000bdcfe071568802189961&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
blank.gif
stats3.unrulymedia.com/ Frame 8EEB
43 B
456 B
Image
General
Full URL
https://stats3.unrulymedia.com/blank.gif?t=no_ads&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Empty%20VAST%20Response&app=native&pid=1101818&isMobile=false&pageLoadId=612448608&unr.site.env=html&ts=2019-09-18T10%253A23%253A10.053-%252B02%253A00&perf_consent_start=1568802189610&perf_corejs_start=1568802189477&perf_corejs_end=1568802189611&perf_skin_start=1568802189611&perf_skin_end=1568802189644&perf_adAge_start=1568802189707&perf_vast_0_start=1568802189710&id=509072398&d=1568802190053&h=v1.0.1506-0-g3694911
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
54.194.54.228 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-54-228.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-065.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
qjrb633sv5h8
hal9000.redintelligence.net/zone/ Frame FD6C
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/qjrb633sv5h8?subid=&rnd=6429967665884088973&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6429967665884088973%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D10825d82-0333-4f00-8aaf-f187f5b1c6bd%26redirect%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash
6b736efd6387849e247861264aecf132e9d163950774cae7d67918ef4b252dd8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2750
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame FD6C
43 B
359 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=15&v2=6429967665884088973&v3=669970&v4=4739619&v5=6816004&mt_nsync=1&no_attr=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1710 796a9e3 master zrh-pixel-x3 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
MT3 1710 796a9e3 master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Sep 2019 10:23:09 GMT
img
tags.mathtag.com/event/ Frame FD6C
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=cas&bid=6429967665884088973&st=4739619&time=1568802190&nodeid=356
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.154.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
MMBD/3.154.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x26, cdg-bidder-x53
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 18 Sep 2019 10:23:09 GMT
js
pixel.mathtag.com/sync/ Frame FD6C
1 KB
2 KB
Script
General
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1710 796a9e3 master zrh-pixel-x19 /
Resource Hash
017c99660f80c6e9ebd2d21de7779aeedab552228d2003483b1dba12b8a17c9b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
MT3 1710 796a9e3 master zrh-pixel-x19
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1347
Expires
Wed, 18 Sep 2019 10:23:09 GMT
pixel
cm.g.doubleclick.net/ Frame FD6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MDBjOThhZDMtNmExMS02YWFhLTAwMDAtMDAwMDAwMDAwMDAw&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESECD5LFieXNMgL0BUQIGRRJE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EIJdggMzTwCKr_GH9bHGvQ
170 B
246 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EIJdggMzTwCKr_GH9bHGvQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/png
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
MT3 1710 796a9e3 master zrh-pixel-x18
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EIJdggMzTwCKr_GH9bHGvQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 18 Sep 2019 10:23:09 GMT
4448
stags.bluekai.com/site/ Frame FD6C
62 B
753 B
Image
General
Full URL
https://stags.bluekai.com/site/4448?id=00c98ad3-6a11-6aaa-0000-000000000000&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
9a6a
Content-Type
image/gif
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=d901aebe0b9a8fb2427f1568802190110&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
request.php
hal90001.redintelligence.net/ Frame FD6C
Redirect Chain
  • https://hal90001.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90001.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
910 B
Script
General
Full URL
https://hal90001.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6429967665884088973%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D10825d82-0333-4f00-8aaf-f187f5b1c6bd%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=2075575171439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
bc5d9ecb724eaca0336e16a5a11876bc091f67be5235d006dacc40673832d5fb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:10 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
14557600084842001041198010990001
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
327
Expires
Wed, 18 Sep 2019 11:23:10 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=696817d977&subid=&uid=d83d20633d495d4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6429967665884088973%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D10825d82-0333-4f00-8aaf-f187f5b1c6bd%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=2075575171439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 18 Sep 2019 11:23:10 +0200
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=49dff9d4aeced2e162521568802190218&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=cf9255c1f4f5a36b2c8a1568802190294&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
request_content.php
hal90001.redintelligence.net/ Frame 5E25
0
0
Document
General
Full URL
https://hal90001.redintelligence.net/request_content.php?s=14557600084842001041198010990001&a=a029617d
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal90001.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=170b0c54e0e0936e

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 18 Sep 2019 11:23:10 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1552
Connection
close
Content-Type
text/html; charset=utf-8
iframe
pixel.mathtag.com/sync/ Frame 570F
0
0
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=10825d82-0333-4f00-8aaf-f187f5b1c6bd&no_iframe=1&mt_lim=5
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1710 796a9e3 master zrh-pixel-x18 /
Resource Hash

Request headers

Host
pixel.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Cookie
uuid=10825d82-0333-4f00-8aaf-f187f5b1c6bd; uuidc=FfRtSDx1WFyQx3htWr3emcWzxVp/Zb2hEb0OZOukes+8HGAOffMEad7mKzO2iRDdk0BwZk/hi0JS2wioT6rFFKXVai7etJXL6PtKojD4vhs=; mt_mop=4:1568802190|15:1568802190|10010:1568802190

Response headers

Content-Type
text/html
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1710 796a9e3 master zrh-pixel-x18
Expires
Wed, 18 Sep 2019 10:23:09 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1154
Date
Wed, 18 Sep 2019 10:23:10 GMT
Connection
keep-alive
img
pixel.mathtag.com/misc/ Frame FD6C
43 B
457 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1710 796a9e3 master zrh-pixel-x21 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 10:23:10 GMT
Server
MT3 1710 796a9e3 master zrh-pixel-x21
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Sep 2019 10:23:09 GMT
truncated
/ Frame FD6C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ca9f163db4163d05630ad05764db1741e01287d7b9f0444e2005ee963233330

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=224ee508451de8fd09f81568802190420&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame CF3B
48 B
231 B
XHR
General
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&cb=512901f7ce5542ef37151568802190525&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:10 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FD6C
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm_N5SqIxtPXhrqGqZMpxAFZWwlnej5bA4xQSdzIY8FDPhEW8k066CZ6Y6J7rLKcpdEyKUJgOEKktLusYN0QPDLLqdIM9iq51BsIEZa08&sig=Cg0ArKJSzHcoqgECRRHoEAE&adk=3056404191&tt=2451&bs=1600%2C1200&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&p=1110,436,1200,1164&mcvt=1013&rs=3&ht=0&tfs=3449&tls=4462&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=2811&niot_cbk=2815&md=2&lm=2&rst=1568802189872&rpt=544&isd=0&msd=0&oseid=3&xdi=0&ps=1600%2C7170&ss=1600%2C1200&pt=2012&bin=1&deb=1-2-4-23-45-13-155-43-0-0-0&tvt=4456&r=v&id=osdim&vs=4&za&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 10:23:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.districtm.io/ids/ Frame 80A6
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html
set-cookie
__cfduid=db41e0a20269a30b78512524977a77b241568802195; expires=Thu, 17-Sep-20 10:23:15 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51829a7a4e6ec84b-AMS
content-encoding
br
pd
eu-u.openx.net/w/1.0/ Frame 231B
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
i=9126b240-1ffb-0f6e-1c17-9fc2092ac7af|1568802195
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
vary
Accept
set-cookie
i=9126b240-1ffb-0f6e-1c17-9fc2092ac7af|1568802195; Version=1; Expires=Thu, 17-Sep-2020 10:23:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1568802195|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 03-Oct-2019 10:23:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=9126b240-1ffb-0f6e-1c17-9fc2092ac7af|1568802195; Version=1; Expires=Thu, 17-Sep-2020 10:23:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Wed, 18 Sep 2019 10:23:15 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4F08
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=169256
Expires
Fri, 20 Sep 2019 09:24:11 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 1BE7
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2cd62c46601e5d9f8cfeca7db41346e51568802195; expires=Thu, 17-Sep-20 10:23:15 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
777
expires
Wed, 18 Sep 2019 18:23:15 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
51829a7a6c4a598e-VIE
content-encoding
gzip
Cookie set
sync_iframe
sync.bfmio.com/ Frame 69AE
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1568802189394
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.101.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-101-210.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 18 Sep 2019 10:23:15 GMT
Set-Cookie
__io_cid=6ee12d706a97f05268b17da4ead126e9c65f6200; Domain=.bfmio.com; Max-Age=31536000; Expires=Thu, 17-Sep-2020 06:23:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D2E1
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 17 Sep 2020 10:23:15 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
connectmyusers.php
cdn.connectad.io/ Frame 37DC
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2cd62c46601e5d9f8cfeca7db41346e51568802195; expires=Thu, 17-Sep-20 10:23:15 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
777
expires
Wed, 18 Sep 2019 18:23:15 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
51829a7a6c48598e-VIE
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DC42
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 17 Sep 2020 10:23:15 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 927F
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 17 Sep 2020 10:23:15 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame 17EF
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html
set-cookie
__cfduid=db41e0a20269a30b78512524977a77b241568802195; expires=Thu, 17-Sep-20 10:23:15 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51829a7a6eb5c84b-AMS
content-encoding
br
Cookie set
sync_iframe
sync.bfmio.com/ Frame D575
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1568802189491
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.101.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-101-210.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 18 Sep 2019 10:23:15 GMT
Set-Cookie
__io_cid=d8b4e640b58fc7905974de797af497ffbb981c32; Domain=.bfmio.com; Expires=Thu, 17-Sep-2020 10:23:15 GMT; Path=/
Content-Length
217
Connection
keep-alive
Cookie set
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4201
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=169259
Expires
Fri, 20 Sep 2019 09:24:14 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set
check.html
biddr.brealtime.com/ Frame 8772
0
0
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Date
Wed, 18 Sep 2019 10:23:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6d0cb2190ac650984adc8cf3d164bd3a1568802195; expires=Thu, 17-Sep-20 10:23:15 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
avkWHamSa/erPUleuk0LWmMdY13rHAUH9XtVYo0zn6Ug6D/WocMJevI/iMkGH//Hs1TrOgDrcJs=
x-amz-request-id
41EC72810F7ED8D6
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
1732
Expires
Wed, 18 Sep 2019 10:24:15 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
51829a7b1e0dbdcd-AMS
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2E26
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 17 Sep 2020 10:23:15 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 1153
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding
gzip
Content-Length
7616
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=21694
Expires
Wed, 18 Sep 2019 16:24:49 GMT
Date
Wed, 18 Sep 2019 10:23:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3522
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.68.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-68-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
tluid=15951266311135637262
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html; charset=utf-8
content-length
548
set-cookie
sync=CgoI4gEQlZSXn9QtCgkIcxCVlJef1C0KCgjmARCVlJef1C0KCQgJEJWUl5_ULQoKCKkBEJWUl5_ULQoJCDkQlZSXn9QtCgkIOhCVlJef1C0KCQgLEJWUl5_ULQoKCI4BEJWUl5_ULQoJCB8QlZSXn9Qt; Max-Age=7776000; Expires=Tue, 17 Dec 2019 10:23:15 GMT; Path=/sync; Domain=.3lift.com tluid=15951266311135637262; Max-Age=7776000; Expires=Tue, 17 Dec 2019 10:23:15 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Wed, 18 Sep 2019 10:23:15 GMT
content-length
0
set-cookie
tluid=15951266311135637262; Max-Age=7776000; Expires=Tue, 17 Dec 2019 10:23:15 GMT; Path=/; Domain=.3lift.com
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
eu-u.openx.net/w/1.0/ Frame 7371
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.25.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
accept-encoding
gzip, deflate, br
cookie
i=9126b240-1ffb-0f6e-1c17-9fc2092ac7af|1568802195
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Response headers

status
200
vary
Accept
set-cookie
i=9126b240-1ffb-0f6e-1c17-9fc2092ac7af|1568802195; Version=1; Expires=Thu, 17-Sep-2020 10:23:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1568802195|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 03-Oct-2019 10:23:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 18 Sep 2019 10:23:15 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear
g
rtb.connatix.com/
101 B
302 B
Script
General
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world%2F&c_ivt=0&connatix_sess=qeturSJgqoCA3opWL_ptNePXTxuAV2NbPMwhkq1QDngoHotLwOHjhhmrE865hluMNcEIGhQSC-oEdPg7mKwbaqAlIEYOCGWLt9A1wFNc63hE33bsSdzBEkIn9-V4GlzLxRKwXGAHe3Dxvz36gHc11I44ixxWNhYuAuZBdXJRJN0tJOttO4K3sX7SZPVzGrf6&notServed=false&xplr=true&c_s=false&c_pl=X2Hv76Y4THnpz169K2qRscV2XOogXIfZuE-dnXM6hgMS29LM8uumC7SQp6FmzIBsrxHgeC2QzP-9nTOnQ7JpZRtZ7XSKWCukgo5pzKWrtpWr3VcOkzn_cnGpifTnQ3nWgjmHDNQbB8BthCiAc5RgEiPlew__g-0ZLAVLOH0hmKeeHMR2rftVctbfG2JY6xVjYxg9Cc9-QKyncmXSrfNMMBthHGs9XzSbCDSf_Pb6pHDqrlVeMB6zQxLgLl04KO8edAtyCwwdpJw3n7LWdZwf6g&gdpr=1&med_id=639404&req_no=2&v=1&c_pt=1&c_f=[{id:14442,r:4,i:0,f:1},{id:14449,r:2,i:0,f:2.02},{id:14451,r:1,i:0,f:2.08},{id:14509,r:4,i:0,f:1.7},{id:14552,r:3,i:0,f:4.05},{id:14554,r:3,i:0,f:3.42}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Femotet-botnet-is-back-servers-active-across-the-world&c_v=1724_0_0_1_0&spp=1&callback=cnxJSONP_9614af3227bd129367141568802197272
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1724/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.195.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-195-52.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
46e4c702e0dbf320e702e5c708afafa7c89a5c1a6777a34f09e207907d2098f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 18 Sep 2019 10:23:17 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
114

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Verdicts & Comments

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr object| google_tag_manager object| adsbygoogle object| elem object| scpt function| __cmp string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars boolean| cnx_poly object| cnxBindings function| cnxUnbind object| cnxtimeouts object| cnxintervals function| cnxSetTimeout function| cnxSetInterval function| cnxClearAll object| cnxUmm function| Blazy object| jQuery111102397899590241046 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop string| cnxPageGuid number| spp object| cnxJSONP_b6a212533b6d688bbe0f1568802186844 function| loadDeferredStyles function| raf function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| 
google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| __cmpui function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| oattr object| _atw function| _ object| fsdata function| load_script object| googletag object| pbjs object| closure_memoize_cache_ function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof object| _0x24da function| _0x2d0c object| BT object| BT_PAGEVIEW_MAP object| blockthrough object| apstag boolean| google_noFetch object| confiant boolean| apstagLOADED function| pbjsChunk object| __core-js_shared__ function| JSEncrypt string| btID string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| cnxJSONP_fde351b4b1ff5c8692ee1568802187553 function| btjsonpcallback1568802188227 object| cnxJSONP_f75302199ce0b935d4b91568802187270 object| _qevents object| advBidxc object| _comscore function| Goog_AdSense_OsdAdapter function| udm_ object| ns_p object| COMSCORE function| _mR function| _mD function| fbq function| _fbq function| quantserve function| __qc object| ezt object| _qoptions object| $jscomp object| ntv number| ntvLoadStart undefined| nQuery object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker object| safeTrackingTags function| ntvGetElementViewability function| ntvViewableImpressionTracker object| ntvToutAds object| PostRelease boolean| onFocus function| parcelRequire number| __unrulyPageLoadId number| unruly:native-ad:nativeAdLoadedTimes string| bidcache object| cnxJSONP_9614af3227bd129367141568802197272 function| cnxAddEventListener

17 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/ Name: _fsloc
Value: ?i=NL&c=Capelle aan den IJssel
www.bleepingcomputer.com/ Name: _fsuid
Value: b1b9220a-9b1d-4e9d-8f77-21d7dc9d4216
www.bleepingcomputer.com/ Name: fssts
Value: false
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.1324694396.1568802187
www.bleepingcomputer.com/ Name: _fssid
Value: 7bcbd0d9-ae24-4cdd-9eef-acef5054ad56
www.bleepingcomputer.com/ Name: _cmpQcif3pcsupported
Value: 1
www.bleepingcomputer.com/ Name: _fs-test
Value: {"id":"71ac7a9f-98c5-444e-be52-8ce863d5c7b9","split":0.5,"expiry":1569308399000,"items":["https://a.pub.network/bleepingcomputer-com/pubfig.min.js","https://a.pub.network/bleepingcomputer-com/ab_test/87892bb6-da87-4a81-88c9-f0128e542964/pubfig.min.js"],"selection":"https://a.pub.network/bleepingcomputer-com/pubfig.min.js"}
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C38
.doubleclick.net/ Name: IDE
Value: AHWqTUkoJ_qHYg77wjTLOmrG3bO-hAvY2Y8IsOYW6Wf-vI61xxXamJpjAE-jjKuy
www.bleepingcomputer.com/ Name: lav
Value: 6666
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.bleepingcomputer.com/ Name: session_id
Value: b781e79de90229d62fc8811b295c7c67
.bleepingcomputer.com/ Name: __beaconTrackerID
Value: nz7s27pdn
.bleepingcomputer.com/ Name: __cfduid
Value: d7a0518de88065483552aa88e0c8e215f1568802185
www.bleepingcomputer.com/ Name: __atuvs
Value: 5d82058acb3ca9a8000
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.1642976656.1568802187
www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world Name: fsbotchecked
Value: true

3 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api warning URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 13)
Message:
Video gallery initializing

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
