www.gmanetwork.com Open in urlscan Pro
143.204.245.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Submission: On April 18 via manual (April 18th 2021, 6:23:48 pm UTC) from US

Summary HTTP 193 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 37 domains to perform 193 HTTP transactions. The main IP is 143.204.245.119, located in United States and belongs to AMAZON-02, US. The main domain is www.gmanetwork.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 10th 2019. Valid for: 2 years.

This is the only time www.gmanetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	143.204.245.119 143.204.245.119	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:202... 2600:9000:2021:9c00:c:3460:340:93a1	16509 (AMAZON-02) (AMAZON-02)
42	13.224.119.58 13.224.119.58	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	104.108.145.107 104.108.145.107	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	13.224.119.14 13.224.119.14	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.108.145.205 104.108.145.205	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.139.96 13.33.139.96	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:710... 2a02:26f0:7100:199::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	13.224.119.77 13.224.119.77	16509 (AMAZON-02) (AMAZON-02)
3	104.40.187.26 104.40.187.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	13.33.139.128 13.33.139.128	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
13	2606:2800:233... 2606:2800:233:9de:380:d6:22cb:12e3	15133 (EDGECAST) (EDGECAST)
4	175.41.191.212 175.41.191.212	16509 (AMAZON-02) (AMAZON-02)
9	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	40.79.44.59 40.79.44.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:710... 2a02:26f0:7100::1720:ee33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.200.218.179 52.200.218.179	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:20e... 2600:9000:20eb:8600:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.119.12 13.224.119.12	16509 (AMAZON-02) (AMAZON-02)
1	104.117.192.218 104.117.192.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:f000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	35.174.194.37 35.174.194.37	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.237.64 143.204.237.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	52.29.155.194 52.29.155.194	16509 (AMAZON-02) (AMAZON-02)
4	18.194.64.207 18.194.64.207	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	2.16.107.152 2.16.107.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.86.251.212 184.86.251.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
193	56

1 143.204.245.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-119.cph50.r.cloudfront.net

www.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2021:9c00:c:3460:340:93a1 (United States)

ASN16509 (AMAZON-02, US)

aphrodite.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 13.224.119.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-119-58.mad50.r.cloudfront.net

images.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.119.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-119-14.mad50.r.cloudfront.net

images.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.205 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.139.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-96.cph50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:199::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd30b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-119-77.mad50.r.cloudfront.net

data.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zdwidget3-bs.sphereup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.139.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-128.cph50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:233:9de:380:d6:22cb:12e3 (United States)

ASN15133 (EDGECAST, US)

60a6ae725fca.bitsngo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 175.41.191.212 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com

ads.allaccess.com.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-sb-appanalytics-us1.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::1720:ee33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.218.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-218-179.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:8600:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.119.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-119-12.mad50.r.cloudfront.net

related.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.192.218 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-192-218.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

ph-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:f000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.194.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-194-37.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-64.cph50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.155.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.64.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.152 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-152.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-212.deploy.static.akamaitechnologies.com

xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba43 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	gmanetwork.com www.gmanetwork.com aphrodite.gmanetwork.com images.gmanetwork.com data.gmanetwork.com	626 KB
13	bitsngo.net 60a6ae725fca.bitsngo.net	229 KB
10	gmanews.tv images.gmanews.tv related.gmanews.tv	1 MB
9	sharethis.com ws.sharethis.com count-server.sharethis.com l.sharethis.com	67 KB
9	facebook.com www.facebook.com	27 KB
8	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	288 KB
8	windows.net prod-sb-appanalytics-us1.servicebus.windows.net	1 KB
7	googlesyndication.com 8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
6	moatads.com z.moatads.com px.moatads.com	59 KB
5	gstatic.com fonts.gstatic.com	102 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net	1 KB
4	fbcdn.net static.xx.fbcdn.net	250 KB
4	allaccess.com.ph ads.allaccess.com.ph
4	google-analytics.com www.google-analytics.com	19 KB
4	facebook.net connect.facebook.net	160 KB
4	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	60 KB
3	cloudflare.com cdnjs.cloudflare.com	40 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
3	sphereup.com zdwidget3-bs.sphereup.com	18 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	104 KB
2	google.com adservice.google.com www.google.com	272 B
2	google.de adservice.google.de www.google.de	272 B
2	mookie1.com static-tagr.gd1.mookie1.com ph-gmtdmp.mookie1.com	2 KB
2	ivideosmart.com player.ivideosmart.com	52 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
2	cloudfront.net d31qbv1cthcecs.cloudfront.net d2wy8f7a9ursnm.cloudfront.net	15 KB
2	googletagmanager.com www.googletagmanager.com	85 KB
2	youtube.com www.youtube.com	40 KB
1	akstat.io 684dd30b.akstat.io	205 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	alexametrics.com certify.alexametrics.com	552 B
1	dmcdn.net api.dmcdn.net	10 KB
1	googletagservices.com www.googletagservices.com	21 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
193	37

	Domain	Requested by
42	images.gmanetwork.com	www.gmanetwork.com
13	60a6ae725fca.bitsngo.net	zdwidget3-bs.sphereup.com
9	www.facebook.com	www.gmanetwork.com connect.facebook.net
8	prod-sb-appanalytics-us1.servicebus.windows.net	www.gmanetwork.com
8	images.gmanews.tv	www.gmanetwork.com
6	ws.sharethis.com	www.gmanetwork.com ws.sharethis.com
5	px.moatads.com	www.gmanetwork.com
5	data.gmanetwork.com	www.gmanetwork.com
5	fonts.gstatic.com	fonts.googleapis.com
5	aphrodite.gmanetwork.com	www.gmanetwork.com aphrodite.gmanetwork.com
5	fonts.googleapis.com	www.gmanetwork.com aphrodite.gmanetwork.com zdwidget3-bs.sphereup.com
4	depart.trinitymedia.ai	cdnjs.cloudflare.com vd.trinitymedia.ai
4	static.xx.fbcdn.net	www.facebook.com
4	ads.allaccess.com.ph	www.gmanetwork.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com vd.trinitymedia.ai
4	connect.facebook.net	images.gmanetwork.com connect.facebook.net
3	pagead2.googlesyndication.com	cdnjs.cloudflare.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdnjs.cloudflare.com	zdwidget3-bs.sphereup.com
3	zdwidget3-bs.sphereup.com	www.gmanetwork.com
3	widgets.outbrain.com	www.gmanetwork.com widgets.outbrain.com
2	l.sharethis.com	ws.sharethis.com www.gmanetwork.com
2	vd.trinitymedia.ai	trinitymedia.ai
2	related.gmanews.tv	www.gmanetwork.com cdnjs.cloudflare.com
2	trinitymedia.ai	images.gmanetwork.com www.gmanetwork.com
2	player.ivideosmart.com	www.gmanetwork.com player.ivideosmart.com
2	log.outbrainimg.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.gmanetwork.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.gmanetwork.com www.googletagmanager.com
2	www.youtube.com	www.gmanetwork.com www.youtube.com
1	684dd30b.akstat.io	s.go-mpulse.net
1	fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	www.google.de	www.gmanetwork.com
1	www.google.com	www.gmanetwork.com
1	d2wy8f7a9ursnm.cloudfront.net	player.ivideosmart.com
1	count-server.sharethis.com	ws.sharethis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	ph-gmtdmp.mookie1.com	www.gmanetwork.com
1	8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static-tagr.gd1.mookie1.com	images.gmanetwork.com
1	maxcdn.bootstrapcdn.com	www.gmanetwork.com
1	c.go-mpulse.net	s.go-mpulse.net
1	certify.alexametrics.com	www.gmanetwork.com
1	ob.cheqzone.com	widgets.outbrain.com
1	s.go-mpulse.net	images.gmanetwork.com
1	d31qbv1cthcecs.cloudfront.net	images.gmanetwork.com
1	z.moatads.com	images.gmanetwork.com
1	widget-pixels.outbrain.com	www.gmanetwork.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	api.dmcdn.net	www.gmanetwork.com
1	www.googletagservices.com	www.gmanetwork.com
1	cdn.jsdelivr.net	www.gmanetwork.com
1	www.gmanetwork.com
193	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
chats.viber.com
blog.trendmicro.com
www.intego.com

Subject Issuer	Validity	Valid
*.gmanetwork.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-10` - `2021-07-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2021-03-19` - `2021-06-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gmanews.tv Amazon	`2020-06-11` - `2021-07-11`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.sphereup.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
ob.cheqzone.com R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
obs.cheqzone.com R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
*.raynw.net DigiCert SHA2 Secure Server CA	`2020-07-28` - `2022-08-05`	2 years	crt.sh
*.allaccess.com.ph Amazon	`2020-07-09` - `2021-08-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 05	`2021-01-21` - `2022-01-16`	a year	crt.sh
player-objects.ivideosmart.com R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-08` - `2021-12-12`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Frame ID: A62CAC672AD8763894785E83CFA8D9BC
Requests: 165 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: CF4D8051C1B21F6605F68DFBBE7FE9A6
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Frame ID: 468BFD91426F975D4C45CD8D14E9FE27
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df749897d06ca2%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
Frame ID: 3B5DCFFA7BB46FD513E7704233B0F489
Requests: 4 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 9E775137AAD7A1B3E37B8CD337922FAC
Requests: 1 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001771&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=ceeca9954a2777ad72bb18bba6143c92&isLegacyBrowser=false&version=20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af&useCFCDN=0&ts=1618770211103&tsServer=1618770210985&FABOnly=0
Frame ID: B430CA051C10B913A25CB858091FFA58
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
Frame ID: 66DB435FF61300D2893D21E821F5ABAF
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0065910039AEDD9E3D1D2E74B904B81E
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: CEF0ACC375A01391DC633E8723950CB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

193
Requests

100 %
HTTPS

54 %
IPv6

37
Domains

60
Subdomains

56
IPs

6
Countries

3834 kB
Transfer

9519 kB
Size

15
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gmanews

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gmanews

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.instagram.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.instagram.com/gmanews
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/gmanews
Title:

Search URL Search Domain Scan URL

URL: http://blog.trendmicro.com/trendlabs-security-intelligence/jacksbot-has-some-dirty-tricks-up-its-sleeves/
Title: a blog post

Search URL Search Domain Scan URL

URL: http://www.intego.com/mac-security-blog/new-multiplatform-backdoor-jacksbot-discovered/
Title: capable of

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 185

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p7f81nfwy HTTP 302
https://xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 186

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p7f81nfwy HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net/eum/results.txt

193 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/ 425 KB
97 KB 710ms
567ms Document
text/html 143.204.245.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-119.cph50.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: 7df06d0c1d0a5302a37749adbdc40f27d54116c905f87bb1146e812829c251f9

Request headers

:method: GET
:authority: www.gmanetwork.com
:scheme: https
:path: /news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
content-length: 98443
date: Sun, 18 Apr 2021 18:23:28 GMT
publishedtime: 1353668974
expires: Sat, 17 Apr 2021 18:23:28 GMT
content-encoding: gzip
server: eqmod_httpd v1.0 (author: mon sarmiento)
access-control-allow-origin: www.gmanetwork.com
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
access-control-max-age: 1
cache-control: max-age=120, public
etag: "1618799008"
x-elapsed-time: 298802 microseconds
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: Fgs1ZagzftysZSRFRH7eyg7k3MwVKH-fs8H-bLc0It8MsFbgqS4nNw==

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

380b47f6ea7d28de20e705c6c8442ae9e5df6be6c8fb729975dfae6228dbc0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 18:23:28 GMT
server: ESF
date: Sun, 18 Apr 2021 18:23:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 18:23:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a83f7708114effe858a7974dfd5b2a877a5bc347e9f1b1d7754a1dd64f842ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 18:23:28 GMT
server: ESF
date: Sun, 18 Apr 2021 18:23:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 18:23:28 GMT

GET
H2 200 header_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 26 KB
5 KB 127ms
49ms Stylesheet
text/css 2600:9000:2021:9c00:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:9c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d16ed20b3cddde6e086198fe01669c0e1da6063547a4659094ad89de4d88e45

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:36:09 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"2a63140195615aafd28572488c8b64d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Sun, 18 Apr 2021 18:23:28 GMT
x-amz-cf-id: E1Yc8gHmuf7mbZEjANh4NhE6BI-8SIQ-JRDP7HQ52aDJj0biN1aIAw==

GET
H2 200 gnoadscript.gz.js Show response
images.gmanetwork.com/res/dist/js/ 15 KB
3 KB 401ms
45ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/gnoadscript.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e373d1ef257fbe7a72515f2d7edb46dde98ae1ef52c663428c81679f49c51db

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 08:39:12 GMT
server: AmazonS3
age: 33
etag: "2f73af1bd94feca38b5f4977e546a52c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 2775
x-amz-cf-id: YNjiLlZHEqjznlCHhMMLCUrAdzUQHUy330t2kdmzfEExeJZHKi-Cxg==

GET
H2 200 dfp.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 4 KB
1 KB 428ms
73ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/dfp.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ac9d723f8a20b2851b8c90aefda827ef956ed5db057a2a68840f82e691cee

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: MAD50-C1
etag: "22b730f6f73dd1c6d46893a639c7ab11"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1120
x-amz-cf-id: gxLUGF0m6xIvGW5J-Jbzr8wKTXtIDlJeEVY5-lokbCRZ1AXUNKBE8Q==

GET
H2 200 gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 1 KB
2 KB 50ms
49ms Image
image/png 2600:9000:2021:9c00:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:9c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2018 07:44:52 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "e8749bb5058882d51032084665c54c4f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=180
date: Sun, 18 Apr 2021 18:23:29 GMT
content-length: 1428
x-amz-cf-id: dpW1O-qaPv_Eg6JWC4Z9juc48ao_d_Xea6XPw2y7DS1rTh6QXqpkCA==
x-amz-meta-s3b-last-modified: 20180201T034941Z

GET
H2 200 my_stream.png
images.gmanetwork.com/res/img/ 1 KB
1 KB 76ms
44ms Image
image/png 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/my_stream.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:26:05 GMT
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
last-modified: Tue, 05 Nov 2019 09:48:19 GMT
server: AmazonS3
age: 428245
etag: "e17b32d7834a1eec803779a1dd2258de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amz-cf-pop: MAD50-C1
content-length: 1056
x-amz-cf-id: YSaONZcmb_in8fAMaEGM-l4A7c76-JFFIPG1H8AEvy_kX6GmVUNL2Q==

GET
H2 200 gno_logo_svg1.svg
images.gmanetwork.com/res/img/ 11 KB
5 KB 77ms
45ms Image
image/svg+xml 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/gno_logo_svg1.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:26:05 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 08:50:15 GMT
server: AmazonS3
age: 428245
etag: W/"379589077b63dbd422c97a673ecec40f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: cQG3DJudb262eV67vNeA3LokV-3-qxyiQASgFmwAy1DGHmCh1Q3Xaw==

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
490 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aphrodite.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 18:09:06 GMT
server: ESF
date: Sun, 18 Apr 2021 18:23:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 18:23:28 GMT

GET
H2 200 polyfill.min.js Show response
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/ 4 KB
1 KB 36ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26566
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1372
etag: W/"f21-7y8qDdUZ0tHOjRWwA1LCbmu2V2I"
x-served-by: cache-fra19127-FRA, cache-hhn4054-HHN
date: Sun, 18 Apr 2021 18:23:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "847 / 830 of 1000 / last-modified: 1618610925"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21051
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:29 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 171 KB
57 KB 175ms
64ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 162983af27e6105fafd526cb7a509dbf55b8e84f5320e4cc03a9a7fa3651137d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Sun, 18 Apr 2021 11:02:19 GMT
etag: W/"2adc2-hYTJ8xmSikofS1nb9JbmlEC2YfQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 51785a99cb624d8818bd49ea6df84529
timing-allow-origin: *, *
content-length: 58217
expires: Sun, 18 Apr 2021 22:23:29 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 1005 B
1 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:29 GMT

GET
H2 200 all.js Show response
api.dmcdn.net/ 29 KB
10 KB 138ms
28ms Script
application/x-javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 4f9325b0e50d54922f785cd9797a3d80de8eda2ddd780e823fbc629d0cb17a92

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 17838
content-length: 9766
last-modified: Tue, 19 Jan 2021 13:25:26 GMT
server: DMS/1.0.42
etag: "6006ddc6-73be"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-llid: 918eb8845d3dc16222b39227a65bab20
expires: Mon, 19 Apr 2021 13:26:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 55ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ec4816ff01bbeaa8133086cb0a2c6f29259eaef6482897ca0acf131fdc33d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38285
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:29 GMT

GET
H2 200 header.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/ 34 KB
9 KB 127ms
96ms Script
application/javascript 2600:9000:2021:9c00:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/header.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:9c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c77f2497c42c0cf38e4ccf810e651391cbceecd15ae2b8f62e17ebf4524086ab

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:36:10 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"9bc86c07780a023822204de2700e3e70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Sun, 18 Apr 2021 18:23:29 GMT
x-amz-cf-id: -QDKVE7LWLMvOFiw9_PJnRCDUPwLN7ywCDcWrdlRabuTfQkAJUfQVQ==

GET
H2 200 initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 661 B
727 B 77ms
47ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "47a92dac25d9c4b6c1652783cc13dd34"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 374
x-amz-cf-id: KK97xQiSaqGVkn-LmsnDP05eZ9rR10yGQxS-kIoDcax_zp91-wnmXA==

GET
H2 200 ie-emulation-modes-warning.gz.js Show response
images.gmanetwork.com/res/dist/js/btstrap/ 613 B
766 B 76ms
46ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/btstrap/ie-emulation-modes-warning.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
age: 7
etag: "56b8cd137926f6d02133bf15808cd20b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 413
x-amz-cf-id: ipgzoHunpvW9W6tQzNuNT8ascWVdsy4Jfo9rEXt2Jx_q737iSviSLw==

GET
H2 200 global.gz.js Show response
images.gmanetwork.com/res/dist/js/ 11 KB
4 KB 77ms
47ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/global.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a85de9065d5a1bdf2f24f8a39125aa86e684c33b86b511d0e43875fc1a12543

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 06:49:32 GMT
server: AmazonS3
age: 7
etag: "2ef2334db46a2892e284c98044b95b98"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 3885
x-amz-cf-id: OI9yQT64WifQTl4goKBaZM-SgV5jglCwisEIUM9atF0CQwJRJHX9pA==

GET
H2 200 jquery-ui.gz.js Show response
images.gmanetwork.com/res/dist/js/ 221 KB
59 KB 92ms
63ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/jquery-ui.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "595e559d0f510cc53877b57dee8bc05f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 60002
x-amz-cf-id: urTcWJtJc5QulkdThLJzlWcv0bmy0K98enGBEDyzJN-l9y7nD7Cbyw==

GET
H2 200 lazyload.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 3 KB
2 KB 120ms
91ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/lazyload.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "571fcc5ee90d980f7303971ec23d753b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 1228
x-amz-cf-id: 8V4MUEyQTAxKMmpVKMModGwyp_z9GydvTG24Z9gBJEEcJiYCjES7lQ==

GET
H2 200 jquery.dotdotdot.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 6 KB
3 KB 122ms
93ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.dotdotdot.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 01:13:43 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 3085787
etag: "9e61fb7be190dbbcc7833bbd85675624"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 2344
x-amz-cf-id: RCdxKogrZMPnAtpc7sIpVsr8GAP3nDdt4n0YsFkWCmWpPDXqPnqWzQ==

GET
H2 200 jquery.marquee.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 4 KB
2 KB 120ms
92ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.marquee.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 01:07:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 13713367
etag: "ceb92161930b1a0192bd0b8ab559bb33"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 1757
x-amz-cf-id: d7_AVH3dPUl06GFAK5UU-JDnMS-GxeZyXv0QfLV7eybymB1nrk7kCA==

GET
H2 200 jquery.mousewheel.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 2 KB
1 KB 122ms
93ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.mousewheel.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 01:36:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 12502048
etag: "b68fffb7025d12d1cfdb53b7f0c98cb1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 1010
x-amz-cf-id: iP-JtqXnFB5eunWVXzrsMVHdkJQBO3uCNtzhPMQv3AmpLLPDEr99Cw==

GET
H2 200 jscrollpane.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 14 KB
5 KB 121ms
94ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jscrollpane.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "28046dd731aab769ae5b12f1d6bc558f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 4738
x-amz-cf-id: 8c-xNxs7_31gyHwmfH6hSDwjHwK_RDqjsIUjlZ0QWisQyqj-ExpOkA==

GET
H2 200 jstorage.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 8 KB
3 KB 154ms
127ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jstorage.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "daee76b0a24dd7aefe25054edaf655c9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 2787
x-amz-cf-id: ykXWCZBUVbd1UvOS8GieKuuRGhsqnP5DrrCYpTFSW8XuSBI3VQ5XVQ==

GET
H2 200 jquery.ck.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 1 KB
1 KB 121ms
94ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.ck.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 01:07:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 13713367
etag: "8604b7c9d2c133d5a85c47243e230a18"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 671
x-amz-cf-id: YWS9lfQIamkN2w9uj9mnHHQ9igWZZXsMSWAMrALVFbYcxXfisKvuzg==

GET
H2 200 lazyload_initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 605 B
674 B 149ms
122ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/lazyload_initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "e949d36964c3e45e4c79f8dca154f3bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 320
x-amz-cf-id: HTlO3ez4gHgjwuSIvaqm5NZbefH4ROP7awVFrPLnJjn-t7lm0g_Hwg==

GET
H2 200 adsTracking.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
916 B 122ms
95ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/adsTracking.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
age: 7
etag: "93f097712e06b751009d552aeb30a029"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 563
x-amz-cf-id: EuB9cRQXXBwq8d6kjDPs9hBnDltSAd-R7fGYoXYiKsF5tdDizMrzlw==

GET
H2 200 breaking_banner.gz.js Show response
images.gmanetwork.com/res/dist/js/widgets/ 7 KB
3 KB 122ms
95ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/widgets/breaking_banner.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f78cb7ec4796fbf923d1c995bfa6aa339020b7778db02fe0d2089bf057ad1e1

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 07:05:56 GMT
server: AmazonS3
age: 7
etag: "af00ceda359fe56d879fc6f01f00121f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 2238
x-amz-cf-id: BSKq68TQ24dyJOR5kR3i-pb9JxI16rXb9WvZ-RgKNcTAM5da2RYMQg==

GET
H2 200 moment.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 31 KB
11 KB 122ms
95ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/moment.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "5d82b3499dbc4da498b3ae1654d597fa"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 10811
x-amz-cf-id: _juhpiRNoEGBqLupI_WTWXQdN-_c9QGFziuWCmeLASiWTc7kaR1x3w==

GET
H2 200 custom_analytics.gz.js Show response
images.gmanetwork.com/res/dist/js/ 3 KB
1 KB 181ms
155ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58e76bcd9db528d7fe8acd4b6c6762256a84ab7d4d48ff54b4a4d64050323284

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 06:16:46 GMT
server: AmazonS3
x-amz-cf-pop: MAD50-C1
etag: "9c297263698766e4dddc85dfca9e7b39"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1003
x-amz-cf-id: YghU2eDDb7_0DOPznfWT5WF0251g2W2HRczKauYZFebCwpCyo2JY5A==

GET
H2 200 listen_new_ad_exec.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 927 B
814 B 122ms
96ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/listen_new_ad_exec.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 02:59:00 GMT
server: AmazonS3
age: 7
etag: "c7856e565fd5a26de83adebd617c9d0f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 460
x-amz-cf-id: Y70LJ64aw_-sqUQ61oF6aJrrWr-PBVxnaYsXCbqkvQnXRFK2VFuUvQ==

GET
H2 200 moat_content_tag.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 3 KB
2 KB 135ms
110ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "9a27b0e509317f529b45258332d629d3"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 1321
x-amz-cf-id: ELWOpSN8I117psKwrlUeTDePiOB5fU4RgSILfH50VlBpoUm8NVfUkg==

GET
H2 200 alexa.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 298 B
599 B 149ms
123ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/alexa.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "d652c9c37f20553bc41d2a2aaaeede88"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 245
x-amz-cf-id: tsuf7HxtGxS1BuMzLHkJLNhGh60MvhgWzJZsB-zmnYXgEW_AqHHGQg==

GET
H2 200 akamai.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 913 B
903 B 148ms
123ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "3017dbe185848a3c96b759bc9535e63f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 549
x-amz-cf-id: cQuHvFll4OdkjqwZGsVSNUquI8P7D1wRA_l25TLo5dpbi5h-2dmSgw==

GET
H2 200 allianz_message_listener.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 1 KB
817 B 149ms
124ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/allianz_message_listener.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf97a6958f2ba4a3942a9add3202f4f32dc43fd7f637038968550806b92de56

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 04:28:51 GMT
server: AmazonS3
age: 7
etag: "fb7eae206ed960080a010d16b45dd7ef"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 464
x-amz-cf-id: phaywoRNT-aLX6UzoGbF8HlXmgSgOKiErs9o_zIXlRh6wVicCeYGyA==

GET
H2 200 facebook_sdk.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 354 B
632 B 150ms
125ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 530e7f85a527a573329c03e2db7b3862913d14025efb3f4aa4b026f9160600ee

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "f7a7fa9aea46c23122f0adcebccfac2a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 280
x-amz-cf-id: rpRzPipsOXBZZbYYiD16ffK0ufI4i0ftYQYdCfsHetqNNd3xSP6PbA==

GET
H2 200 facebook_pixel.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 471 B
676 B 149ms
124ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_pixel.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae1947a2826e5e189f4a57f8d6a2e8cadf74cfc1bc4b529489b2bbfd802bfd14

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "6d84ecc4d5d843913f4b88387f8a4d80"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 323
x-amz-cf-id: k5R2a6GUKjgdMt3nlPEcR7K1DlOhCv2s0tTJ6bwoKyUPdaswgxDVJw==

GET
H2 200 google_em_scripts.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 486 B
689 B 150ms
125ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/google_em_scripts.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6459f5c8dc1dc1bd6581f0517d67b3d55c143cc419615d4ab772b2b3f24a2c4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 06:16:46 GMT
server: AmazonS3
age: 7
etag: "ad5eec8cd331a2c6305d43e14c26d545"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 336
x-amz-cf-id: HrXi1xRhmOhmqF2zmQIRffPkn3RD4KR3P0RozrNermrSDiNWcgwyQQ==

GET
H2 200 _ie_notification.gz.js Show response
images.gmanetwork.com/res/dist/js/partials/ 1 KB
873 B 150ms
126ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/partials/_ie_notification.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "7ce56ff5e120485ecf770418513dfd5b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 519
x-amz-cf-id: 4GWQnFDvmeZ_lHFw7b2DnejBm-_NTL86PLziMBXHsbA6uppopv4KBQ==

GET
H2 200 interstitial_ads.gz.js Show response
images.gmanetwork.com/res/dist/js/ads/ 620 B
668 B 178ms
156ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ads/interstitial_ads.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12185420516acfdda1713b70ae0b7d4377cfa88a42bb66bd0b928aaa414dcb28

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
x-amz-cf-pop: MAD50-C1
etag: "aadbbd983e2bb6adc3902fb1dc3835b9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 320
x-amz-cf-id: Fs2nNJUEQ0bqOwSqyt0n7kxfVz2taRxu6qZRC9rYVV7BoYibFDayMQ==

GET
H2 200 permanent-url.gz.js Show response
images.gmanetwork.com/res/dist/js/ 1 KB
743 B 148ms
126ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/permanent-url.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "56a5224595e912c9afb1def78e5dfed0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 390
x-amz-cf-id: LpyUNkpQP4DZJ--cLC3WKL93c3aKGR5KZpbp5fp605DWkm3_0mw3og==

GET
H2 200 header.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
925 B 164ms
143ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/header.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd50088ddee3d663d0a5fa745b9a24a139398fef46685aef75987a881ddf2523

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 10:12:16 GMT
server: AmazonS3
age: 7
etag: "9d0e849bf7cfe58e99954c4a095a9cfe"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 571
x-amz-cf-id: fdREC_Jd27fUAbhK8Cj-OqKpLjwiKNFoj1oVSCiiV3uUrI9v4qafHQ==

GET
H2 200 cross_sell.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/ 100 KB
26 KB 174ms
153ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/cross_sell.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81a935f45850ccb6970a821de458801d7ca72b56ac31b5f13607eacbefb794e5

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:10:27 GMT
server: AmazonS3
age: 7
etag: "f1189375fb2c464211496fb4c58d7508"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 25888
x-amz-cf-id: iyqr_S0Noi03yPR0p_T0Y0VwnzitlNR5fcklP7zbcEwdcFgE8FFwYQ==

GET
H2 200 story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/hash/ 316 KB
77 KB 164ms
144ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24a54f9f01ce9a671184c9d6e7c8d0f8acaa473d0631911cae13b71e0dae0341

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:26:05 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 11:06:07 GMT
server: AmazonS3
age: 428245
etag: "42e4cb77ffbbed20806f212fdaa35aa9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 78676
x-amz-cf-id: FgoKBF1rgc6IwEGg4LGOHJI66_CW7xE85bmKABQ0QAw8_1gIfhHXiQ==

GET
H2 200 unruly.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 52 B
424 B 171ms
151ms Script
application/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/unruly.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 7
etag: "bfe18942cb6e66c9d2c68b7b3854f034"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 72
x-amz-cf-id: 6eTogsQwZ4lOXHx22J15scP5eVsbTDLaKsjT-So3AN_1_0BNp6SLTQ==

GET
H2 200 btstrap_min_e10-viewport_js.gz Show response
images.gmanetwork.com/res22/js/btstrap/ 31 KB
9 KB 172ms
152ms Script
text/javascript 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res22/js/btstrap/btstrap_min_e10-viewport_js.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:22 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2016 11:40:21 GMT
server: AmazonS3
age: 7
etag: "2266bd8d5c0a99c405f3b63cdac76983"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: MAD50-C1
content-length: 8618
x-amz-cf-id: Ha3gk179ASiVHCAbuL3dl7maaNFYkc1Vi_qOmLbLaIYPP77f9MjwRg==

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 27ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
age: 29991
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 318027
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H2 200 side_adv.png
images.gmanews.tv/v3/img/ 677 B
1017 B 205ms
45ms Image
image/png 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/v3/img/side_adv.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:37:41 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Fri, 01 Apr 2016 01:22:17 GMT
server: AmazonS3
age: 423949
etag: "d011246b48da6e449ffcef2d3d6a48f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amz-cf-pop: MAD50-C1
content-length: 677
x-amz-cf-id: f2TUzt91DTODhVP5uQce8OsWv-1BKJwy5sWROjwjTZigOiVgYJ8Cpg==

GET
H2 200 ellipsis.svg
images.gmanetwork.com/res/img/ 6 KB
1 KB 68ms
54ms Image
image/svg+xml 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/ellipsis.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 02:12:28 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 09:48:18 GMT
server: AmazonS3
age: 13623062
etag: W/"6373ba91f5bae052a2ca12af09659d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: gmyDu-HIgsXbt4uJWfN-ArQBF9x2ypY0OVVjICanM__qGIGeeE7zIg==

GET
H2 200 MuseoSans-500.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 62 KB
62 KB 256ms
137ms Font
application/vnd.oasis.opendocument.formula-template 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-500.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:57 GMT
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
age: 33
x-cache: Hit from cloudfront
content-length: 63024
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "032337e82232f53e67317d5f6680d729"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: am-JAJwrOFoBn7L1_-Huzk2OHuR3nnvHBfZ1G42IC28wNnnw0tMKZQ==

GET
H2 200 MuseoSans-700.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 63 KB
63 KB 212ms
93ms Font
application/vnd.oasis.opendocument.formula-template 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-700.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:57 GMT
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
age: 33
x-cache: Hit from cloudfront
content-length: 64088
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "1087c6a9da22ebf924be80a001a84d2f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: UX0VazwgdqWGX-6o_vV6TlgDq7rQmmWZ9A_SF9TuRRaLgJToybCTAQ==

GET
H2 200 Lora-Regular.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
61 KB 212ms
93ms Font
application/font-sfnt 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Regular.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:57 GMT
content-encoding: gzip
age: 33
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: W/"c684a3de5c014a61d5139d5b97da99fc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 3Nbje3PZMsjYG-_xzCdh6KmY-puqTuV-9zna-gXUmfeWXfH9B1GERQ==

GET
H2 200 Lora-Bold.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
63 KB 178ms
60ms Font
application/font-sfnt 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Bold.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:57 GMT
content-encoding: gzip
age: 33
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Wed, 24 Mar 2021 13:03:05 GMT
server: AmazonS3
etag: W/"eec9b1b134bfc16624d240b70db7ed59"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: lCKZVMwSIuERw2ti6Gc3TLbwDhkFnynwS6FSMc9so_l26UTLLJhZZA==

GET
H2 200 pubads_impl_2021041301.js Show response
securepubads.g.doubleclick.net/gpt/ 295 KB
104 KB 31ms
30ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106168
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:29 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame CF4D 416 B
798 B 30ms
30ms Document
text/html 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1618744635.939316"
last-modified: Sun, 18 Apr 2021 11:01:42 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 18 Apr 2021 18:23:29 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1618770209~rv=2~id=eb329876bead8ea3e8ba00ba5c038c46; path=/; Expires=Sun, 18 Apr 2021 18:23:29 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmdtYW5ldHdvcmsuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 97ms
30ms XHR
application/json 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:29 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=19086
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 51c44f3a98a9621fc1162e505836bd7d
Content-Length: 15
Expires: Sun, 18 Apr 2021 23:41:35 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 35ms
32ms Image
image/gif 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=1.6549938623081661
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 18 May 2021 18:23:29 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/ 109 KB
39 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 05:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 47972
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39492
x-xss-protection: 0
expires: Mon, 18 Apr 2022 05:03:57 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 15ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 29991
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 fontello.woff
images.gmanews.tv/res/fonts/social/ 8 KB
8 KB 158ms
53ms Font
application/font-woff 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanews.tv/res/fonts/social/fontello.woff
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:56 GMT
via: 1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
age: 37
x-cache: Hit from cloudfront
content-length: 7812
last-modified: Tue, 05 Nov 2019 09:48:08 GMT
server: AmazonS3
etag: "9f972961c468281bf7ee69deec7839e9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120,public
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: F_asRG4Z9GTZS0HUs-BCQ07dCIOlABx73m8wgpA19YHbum3ObyqpKA==

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 29991
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 gma-header-logo.svg
aphrodite.gmanetwork.com/ 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2600:9000:2021:9c00:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:9c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 07:47:19 GMT
server: AmazonS3
age: 54136
etag: W/"6070135b0880a0cca74ba0fc1221e24f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
date: Sun, 18 Apr 2021 05:43:35 GMT
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: a2eg-02L4a7CSW7xaHZx6P-w6TNZgKYyrzAFwXEULsOz-MyQUJievQ==
x-amz-meta-s3b-last-modified: 20200403T073750Z

GET
H2 200 moatcontent.js Show response
z.moatads.com/gmanmicontent461752070830/ 178 KB
58 KB 168ms
107ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmicontent461752070830/moatcontent.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 16:48:35 GMT
server: AmazonS3
x-amz-request-id: 5CC3EC10A312AFB2
etag: "5d09d15e235e777027a70f856982a114"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=42849
accept-ranges: bytes
content-length: 58484
x-amz-id-2: 6FZcnEPZAblt7OgTuHldZhfIYmg3MvrvMr8xWF11Sh4ubqx4bGAsL/4/1w0T/7EbqivKMMOQTPQ=

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 128ms
39ms Script
application/javascript 13.33.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/alexa.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-96.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 18:06:02 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 31 Mar 2021 18:01:58 GMT
Server: AmazonS3
Age: 1556248
ETag: W/"22e062f70826be118ae2cae04b9fa227"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 66fb345923f3acbd40f99fbda8e88694.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CPH50-C2
X-Amz-Cf-Id: 6RnZ1cXHmgmtFY3VKuNxX32gLN7t3WA1t7HdLBF0V1h3XY1x9gPCeQ==

GET
H2 200 FG65A-Y848M-3TACG-B2LGY-Y72BW Show response
s.go-mpulse.net/boomerang/ Frame 468B 202 KB
49 KB 26ms
8ms Script
application/javascript 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: br
last-modified: Tue, 16 Feb 2021 11:39:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50141

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7747ea5ee2b970e18bf72e361a8d062e69451374d41d63bfea73febc637ebcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pnE86l5Vh2G56ntuVmT70g==
cross-origin-resource-policy: cross-origin
expires: Sun, 18 Apr 2021 18:26:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fCI1/FgpyC51Q/PDaX/rIFs3t5bowA/2tTz5Di0I4uHxCT6QWNUG+vxXGYiUrioKNv1qQTnlNu0cpvD5ASybog==
x-fb-trip-id: 917726464
x-fb-content-md5: 31e3b238b84dcbd8c48a1a0311c4ffac
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 18 Apr 2021 18:23:29 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eed09cdb350466948cf25465c588d8e2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_pixel.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: kFtmX0DEOnG7MSpIHMt+b9YF5B+uYq9oukBdd6KQFdkkyXYY4EQchZcyKdXLyxtDqvJ8Nwz3GK5AUmWdmxCUGQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 18 Apr 2021 18:23:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
47 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e65d0a24b75f34788ddfcf6f568d4b0144bf3969a3c95521ee0d37d758c4c806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48589
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:29 GMT

GET
H2 200 54.gz Show response
data.gmanetwork.com/gno/embeds/ 113 B
625 B 392ms
251ms XHR
text/plain 13.224.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gmanetwork.com/gno/embeds/54.gz?id=54&container=body
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-77.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38cc8429547f36e861f3dfae167ebde8d9142230888415f764142fcbdc095feb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: RefreshHit from cloudfront
content-length: 121
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Thu, 17 Sep 2020 09:23:24 GMT
server: AmazonS3
etag: "af0e7de81f47c8c31450378fcb992f9e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/plain
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-id: Lsj04jrRZCl9ic5PLTF2AFH3s1ycwTkYY3da_wL4mhL_sprulLC3MA==

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
age: 29991
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 home.gz Show response
data.gmanetwork.com/gno/widgets/at_a_glance_lists/ 17 KB
5 KB 349ms
253ms XHR
application/json 13.224.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gmanetwork.com/gno/widgets/at_a_glance_lists/home.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-77.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60075ca51b64fab49b932d7cda20bf25238aeda02bac47569aeb802461fe35bb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: RefreshHit from cloudfront
content-length: 4447
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Sun, 18 Apr 2021 17:06:29 GMT
server: AmazonS3
etag: "2f82f3c32371e7d931f4f8944dd6c84b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-id: 9HT17OXcMXZN2odC8ydGqhz6czL6g80yQX3FIEee6VznY9JFuGZr9Q==

GET
H2 200 authors.gz Show response
data.gmanetwork.com/gno/authors/ 24 KB
4 KB 131ms
49ms XHR
text/plain 13.224.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gmanetwork.com/gno/authors/authors.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-77.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fad05a1473de195f4e634fc8b9111126e6272002e22c03ae54cf8a8e127e345

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:22:56 GMT
content-encoding: gzip
age: 52
x-cache: Hit from cloudfront
content-length: 3777
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Thu, 07 Nov 2019 09:29:02 GMT
server: AmazonS3
etag: "0f22b49eb29debd969aa3cceee175a83"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/plain
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: MEhdYBIwwlx_cC2y08MXceIw5aJWAzoS9qqqFfUgoB5aQ7DOhO1ffA==

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 43 KB
16 KB 139ms
22ms Script
application/x-javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f5daaf2ac11d08a55cb61c41d789f3936ed028fa3d50785e2480ec7ab638d504

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:29 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 18 Apr 2021 18:23:29 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 16161
Expires: Sun, 18 Apr 2021 19:23:29 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 btb-logo-200px.svg
images.gmanetwork.com/res/img/ 10 KB
4 KB 48ms
48ms Image
image/svg+xml 13.224.119.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/btb-logo-200px.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-58.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:26:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Dec 2019 04:01:32 GMT
server: AmazonS3
age: 428244
etag: W/"c79fa6a925bb4a37a11558abba1f8a5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 44LGe5teEDsNS8yD_mtftESGTvsdtTM8jGMOUnlHbAIMCmWom7QiYA==

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 41ms
9ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
content-encoding: br
cdn-edgestorageid: 481
cdn-cachedat: 2021-04-17 15:47:56
cdn-pullzone: 62714
cheq_headers_order: Content-Type Cache-Control Expires Etag Date Connection Content-Length
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 956667390ca98394bbcc04db833f5748
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 14 KB
15 KB 124ms
53ms Font
binary/octet-stream 2600:9000:2021:9c00:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:9c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Origin: https://www.gmanetwork.com
Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
etag: "f7d914c20b6df8faac5c74ee903a3f9b"
x-amz-cf-pop: CPH50-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14692
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Sun, 18 Apr 2021 18:23:29 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-id: cw9oZNebDTN3scMOgHLumFR9TVlfnRqzRxCTQed8JsboaVl8a3ffiQ==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f60a4c959acd4984da9de9bd284b3bbd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3a8d1292d6249499f7729eb37b8bd23b5e40de7602353e01516f2aeb6ce79e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: U3h2NSox7jBwsS3i48AErw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65488
x-fb-rlafr: 0
x-fb-debug: 2C/QKCcNK/M1IOZbBteaLzBgH14rcDK7jrxs5gl9+hUmog8/wMIkUTNDBU8OnYj8vcd4/L1bMx4F5YlFpR0b8w==
x-fb-content-md5: c5cd88df0f34837347b387d48bdc0c47
x-frame-options: DENY
date: Sun, 18 Apr 2021 18:23:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6054302422b25f32171e462eb5133f3d"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Apr 2022 16:55:09 GMT

GET
H3-29 200 388790207987812 Show response
connect.facebook.net/signals/config/ 247 KB
71 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/388790207987812?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9ebef02058f5009b9cd0a4f3a422ab26f5c9f39439e1a9eb97ef9fffcc695ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 72388
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2gjyFzMxKwFOF8IDcKpKAjsE26PkFdUin3ro+GvGhP56Yipz3CL8KNzCZXYd8kUNbfDEOGbqU0FH7oaOlc0IPw==
x-frame-options: DENY
date: Sun, 18 Apr 2021 18:23:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 13ms
13ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TQZBRMKGV4&gtm=2oe472&_p=1039767470&sr=1600x1200&ul=en-us&cid=662868343.1618770210&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&dt=Warning%20out%20vs%20new%20cross-platform%20malware&sid=1618770209&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 283585.gz Show response
data.gmanetwork.com/585/gno/story/ 551 B
982 B 465ms
465ms XHR
text/html 13.224.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gmanetwork.com/585/gno/story/283585.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-77.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecc9d83cde16db61ae3dea4b675b408c84e35fe5b63171aca0f33003aaa345f1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:29 GMT
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: MAD50-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-cache: Error from cloudfront
content-length: 551
x-amz-cf-id: 4qmnADP1zkc3GpynKdPq0wbByz8mQnNigQuYGS-1Iyc6kmUYdpv_sw==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 115ms
37ms Image
image/gif 13.33.139.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Warning%20out%20vs%20new%20cross-platform%20malware&time=1618770209848&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&random_number=4573213155&sess_cookie=5617bc9b178e6392c3745af2eee&sess_cookie_flag=1&user_cookie=5617bc9b178e6392c3745af2eee&user_cookie_flag=1&dynamic=true&domain=gmanetwork.com&account=LssQl1aE+GW1O7&jsv=20130128&user_lang=en-US
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-128.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 02:20:45 GMT
Via: 1.1 169057b8db0fb379ccba5daa74680acd.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 57765
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: CPH50-C2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: yZ6Sfxy-IWeT5FxKi0se_cbbtvp3hBcamQxzvxstB-Vs2kIP5BreMg==

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame CF4D 610 B
992 B 53ms
52ms Document
text/html 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1618744636.717048"
last-modified: Sun, 18 Apr 2021 11:01:42 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 18 Apr 2021 18:23:29 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1618770209~rv=85~id=970b4ab8bd962e9db6ab8ebea771702b; path=/; Expires=Sun, 18 Apr 2021 18:23:29 GMT; Secure; SameSite=None

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 283ms
96ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=842082967136580129225179417911858421818105515526915053089082098520&nc=0&tsf=0&tsfmi=&pv=0&cb=1618770210065&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDQ4MTVdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTQs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCIkXCIsXCJqUXVlcnlcIixcImFf%0D%0AdFwiLFwibV90XCIsXCJoX3RcIixcInNfdFwiLFwiblwiLFwiZG9tYWluX25hbWVcIixcImJhc2Vf%0D%0AdXJsXCIsXCJCQVNFX1VSTFwiLFwiYXNzZXRzX3VybFwiLFwiYXNzZXRzX2RvbWFpblwiLFwianNf%0D%0AdXJsXCIsXCJjc3NfdXJsXCIsXCJkYXRhX3VybFwiLFwiZGlzdF91cmxcIixcInJlc291cmNlc19l%0D%0AbnZfdXJsXCIsXCJzdGF0aWNfc2VydmVyXCIsXCJhcHBzX3VybFwiLFwiZGVmYXVsdF96b25lX2lk%0D%0AXCIsXCJ6b25lX2lkXCIsXCJpc19sb2NhbFwiLFwiaXNfZGV2XCIsXCJpc190ZXN0MDAxXCIsXCJp%0D%0Ac190ZXN0XCIsXCJpc19saXZlXCIsXCJpc19kdXBsaWNhdGVcIixcImlzX2FkX3Rlc3RpbmdcIixc%0D%0AImRlYmF0ZV9mb2xkZXJcIixcImduZXdzX2FwcHVybFwiLFwiaXNfYXdzZGV2XCIsXCJpc1VzZXJB%0D%0AZ2VudE1vYmlsZVwiLFwibG9hZEhvbWVGdWxsXCIsXCJzM19pbWFnZXNfdXJsXCIsXCJ0aW1lc3Rh%0D%0AbXBcIixcIndpbmRvd193aWR0aFwiLFwiZGF0YV9leHRcIixcInJvdXRlclwiLFwibW9kdWxlXCIs%0D%0AXCJjb3VudGRvd25fdmlld1wiLFwiY291bnRyeUJ5cGFzc1wiLFwicHJlVVJMUmVzdHJ1Y3RBcnRp%0D%0AY2xlXCIsXCJwcmVVUkxSZXN0cnVjdFBob3RvXCIsXCJwcmVVUkxSZXN0cnVjdFZpZGVvXCIsXCJw%0D%0AcmVVUkxSZXN0cnVjdEFuYWx5dGljc1wiLFwiZXJfZGF0YV91cmxcIixcImUxOV9kYXRhX3VybFwi%0D%0ALFwiZTE5X2JhdGNoX2RhdGFcIixcInNtYXJ0X3NlYXJjaF9hcGlcIl0sXCJuXCI6W10sXCJkXCI6%0D%0AW119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCItIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpc%0D%0AIlwiLFwibVwiOltcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcIm9n%0D%0AOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIs%0D%0AXCJuZXdzX2tleXdvcmRzXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wi%0D%0AOjB9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFst%0D%0AMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjY2Mjg2ODM0My4xNjE4%0D%0ANzcwMjEwIl0sWy0yMSwiaHRkeFJ2U3EiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjox%0D%0AMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsInRydWUiXSxbLTMyLCIyIl0s%0D%0AWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYxODc3MDIwOTk0MSwtMl0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0xLDAsMCwxLDAsNjYsNzcsNzE1%0D%0ALDUxMSwwLDEzNDEuMzEsMTM0MS4zMSwyMDYwLDIwNjEiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDAs%0D%0AXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNl%0D%0ALG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00Mywi%0D%0AMDAwMDAwMDEwMDAwMDAwMDAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDAs%0D%0AMCwwLDAsMCw3NjIsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCww%0D%0ALDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5%0D%0AIl0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMTcwXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A1970%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=6k5XB5WDRv&sdd=%7B%7D&pto=2186
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 07364fa4cf43aefe3a2fd502443768a227e45feeff1fd6bb8958257fc6955f9f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1618
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zd_w_s_loading.css
60a6ae725fca.bitsngo.net/content/ 907 B
574 B 35ms
9ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F97) / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "07992ef341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:10 GMT
server: ECAcc (frc/8F97)
age: 557593
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470

GET
H2 200 jquery.tap.min.js Show response
60a6ae725fca.bitsngo.net/common-scripts/ 2 KB
1 KB 33ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "04c61ee341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:08 GMT
server: ECAcc (frc/8FFE)
age: 357919
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130

GET
H2 200 zoomd.widget.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 37 KB
13 KB 43ms
17ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA7) / ASP.NET
Resource Hash: 6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "0d5453c692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:26 GMT
server: ECAcc (frc/8EA7)
age: 557593
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12755

GET
H2 200 hdiaz_0418_2021_04_18_20_01_51.png
images.gmanews.tv/webpics/2021/04/ 907 KB
908 KB 55ms
54ms Image
image/png 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/hdiaz_0418_2021_04_18_20_01_51.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2de70d545d91c842631a733af6f75efbfe68aa24e65e80f5e82cc57802ab4432

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 12:08:02 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 12:01:54 GMT
server: AmazonS3
age: 22529
etag: "5009380dbeffec24de93f5eb4ad807e6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 928391
x-amz-cf-id: zNcNIzuh4zFpL6aKRe2VMjyGhwlvIbvKh73wSfBBW3fL-CHXbJ6LyA==

GET
H2 200 e-gilas_041821_2021_04_18_19_23_52.jpeg
images.gmanews.tv/webpics/2021/04/ 110 KB
110 KB 55ms
54ms Image
image/jpeg 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/e-gilas_041821_2021_04_18_19_23_52.jpeg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 301654503be07e8f5b0f408a1a3f1aba25f511e3c0534241cb3b6b59641d6a15

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 11:36:39 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 11:23:54 GMT
server: AmazonS3
age: 24412
etag: "28c695dd0613c80c7e25996348a4c440"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 112617
x-amz-cf-id: x_jNJHXTUgEN6QSDqZ5bOYNoiUxS5l1RrLlr1IdDnKoZ4YPhtlYSOA==

GET
H2 200 vismin_super_cup_logo_2021_04_15_01_18_59.jpg
images.gmanews.tv/webpics/2021/04/ 89 KB
89 KB 55ms
54ms Image
image/jpeg 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/vismin_super_cup_logo_2021_04_15_01_18_59.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c1bd701277d5bdc4d3aa28c9c1caf158c62fa001dad747653e3d24b42aeabcf

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:23:42 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 17:19:01 GMT
server: AmazonS3
age: 349189
etag: "8455617d38f5da8d2ce8a76af55100ad"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 90646
x-amz-cf-id: ipxgygFe8o-kq_rQhOaAXzm6ywIQ6al5_41Npwk0FgvOmtj1ummJIg==

GET
H2 200 161682554_284547896368856_228047772108735377_n_2021_04_18_17_22_47.jpg
images.gmanews.tv/webpics/2021/04/ 144 KB
144 KB 163ms
162ms Image
image/jpeg 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/161682554_284547896368856_228047772108735377_n_2021_04_18_17_22_47.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3af77a420c7be2872948338e4664e0fbe9c5c60360232f20773f782b64a389d8

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 09:44:55 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 09:22:49 GMT
server: AmazonS3
age: 31115
etag: "d429878031d2ccc6896d4c3132724300"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 147289
x-amz-cf-id: kwaWGpu2b_rKFoRUYA10iFFLuVtfnf20Gz8gESwOxdRDTBCqp-JdCg==

GET
H2 200 bts_2021_04_18_15_44_28.jpeg
images.gmanews.tv/webpics/2021/04/ 51 KB
52 KB 171ms
167ms Image
image/jpeg 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/bts_2021_04_18_15_44_28.jpeg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9850441e45bba116934753d0330c5748c6615fb4cb772cfaa7983a54c322324

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 07:56:42 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 07:44:30 GMT
server: AmazonS3
age: 37609
etag: "5d424794f089b6ab6289787cb8dfc53b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 52731
x-amz-cf-id: nX8F7jOIeoa0donydzIZY9xYUi9_74hRM_yn2TF-oTAXpgwUn2dO-w==

GET
H2 200 2021-04-17T162849Z_1182174399_RC2SXM9811KR_RTRMADP_3_BRITAIN-ROYALS-PHILIP_2021_04_18_10_32_31.JPG
images.gmanews.tv/webpics/2021/04/ 131 KB
131 KB 171ms
167ms Image
image/jpeg 13.224.119.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/2021-04-17T162849Z_1182174399_RC2SXM9811KR_RTRMADP_3_BRITAIN-ROYALS-PHILIP_2021_04_18_10_32_31.JPG
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-14.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e766a239e78553d6646a014edd1b2a5a8a98843339ff4990b630ca478bcfe287

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 03:05:56 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 02:32:33 GMT
server: AmazonS3
age: 55055
etag: "3f69de4bd96ac08cc6f4c87f8219db61"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
content-length: 133747
x-amz-cf-id: Wo084scuFpt4F-XrExBM5DKE8tJD5lPDxyQhru8Wt3HgIk_kZpfcOg==

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 570ms
185ms Script
text/plain 175.41.191.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8115&sid=0012&_=1618770208764
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.191.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 576ms
192ms Script
text/plain 175.41.191.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8215&sid=0012&_=1618770208765
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.191.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 570ms
186ms Script
text/plain 175.41.191.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8315&sid=0012&_=1618770208766
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.191.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=PageView&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&rl=&if=false&ts=1618770210216&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&it=1618770209811&coo=false&rqm=GET

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 9ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=ViewContent&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&rl=&if=false&ts=1618770210218&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&it=1618770209811&coo=false&rqm=GET

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=Search&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&rl=&if=false&ts=1618770210219&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&it=1618770209811&coo=false&rqm=GET

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 53ms
52ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=255951164473730&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f60a4c959acd4984da9de9bd284b3bbd&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: R2XE/iAAMcd+ivB0PHS5m7Yb5nERtn9ibUTAfLDB6aKfYQBDpQ06lhDmpwHz1eI2WvakgdO0WvQaHfXjzCsDEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Apr 2021 18:23:30 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 364ms
89ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618770210244&sessionId=81c9b156-276b-cc7c-7aad-1e3aed8133fe&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 18:23:30 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 41697b160192c49b4f432f9895042ba5
Content-Length: 4
Expires: 0

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1468603
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
cf-request-id: 0987d245cf00004ee0658ca000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ryi%2BtZ1%2BHp56pqNaP2RmNoe0kTC4nw8YOHAZVDIwB%2BfhXdb2%2Bkk6%2F%2F8gh0G0nqVl%2FuWIOeQW3FNV300C07A60ObteAuRUIvMtWkyL4Kf8pRZnZIr7iU4ix6fkAt1sf3LIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641fecb61b104ee0-FRA
expires: Fri, 08 Apr 2022 18:23:30 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 468B 3 KB
1 KB 59ms
38ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=FG65A-Y848M-3TACG-B2LGY-Y72BW&d=www.gmanetwork.com&t=5395901&v=1.667.0&if=&sl=0&si=e4zf9o28ain-qrrv34&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 36e085e8ccbc1bc0b3bbe4bae133b37404da97e552557f0db91b80cfd054371e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1012

GET
H2 200 zoomd.widget.logger.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 9 KB
4 KB 10ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F04) / ASP.NET
Resource Hash: c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "02773d692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:28 GMT
server: ECAcc (frc/8F04)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 4104

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 230 B
956 B 96ms
22ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9410b966a900044927dbd2f9ea9c1e1b4887a9fb093dc54e129fa43541bfee7b

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 327

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 289 B
424 B 12ms
11ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/jquery.dfp.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) / ASP.NET
Resource Hash: 823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "0a74773326d71:0"
last-modified: Wed, 31 Mar 2021 13:40:52 GMT
server: ECAcc (frc/8F1E)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 327

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 18:18:51 GMT
server: ESF
date: Sun, 18 Apr 2021 18:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ 568 B
365 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 18:23:30 GMT
server: ESF
date: Sun, 18 Apr 2021 18:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 masonry.pkgd.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 25 KB
10 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "07992ef341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:10 GMT
server: ECAcc (frc/8FDC)
age: 357918
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10202

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 3365758
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0987d2460200004e8c3d984000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dbc1afb9a84d639148de495f557e96e6
cf-ray: 641fecb66b674e8c-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
26 KB 60ms
42ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 644891
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
cf-request-id: 0987d2462100000601443d1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cJ9JgHOF%2BgUMeWws8%2FEtuJN7TFcE1RcnHPJY1abPmxRkQhY1e3l81ITkzIXy%2BHbwI4%2FgZDwSUdvASVu%2BF1CbfSWYL3pIFyNs1gjwMbEA1sNRNHfdIIQu3mNsqxHnOh3tBQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641fecb69d7f0601-FRA
expires: Fri, 08 Apr 2022 18:23:30 GMT

GET
H2 200 283585 Show response
data.gmanetwork.com/585/gno/story/ 7 KB
3 KB 288ms
280ms XHR
text/plain 13.224.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gmanetwork.com/585/gno/story/283585
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-77.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6275ff30af094191e3a1c5a2d8cb61d6e82e0e42ff1268748b0b5487ce41f06e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Tue, 15 Sep 2015 08:07:48 GMT
server: AmazonS3
etag: W/"7978b4ed7606ad84bb477b25ea310ef1"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/plain
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: v5iBqECzFLBQrLDCB7uzcyNl5SBnZmGZBrxnNafPJvxKY_fNpByGDg==

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE3) / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "089a41692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:34 GMT
server: ECAcc (frc/8FE3)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 323ms
111ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=%2B66qIPIfse%2Fw8t%2FMjP2JX81YcoOwKEgAFleqxLzh8Yc%3D&se=1618771172&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 18 Apr 2021 18:23:31 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 456ms
104ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 18 Apr 2021 18:23:30 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 103ms
91ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618770210572&sessionId=81c9b156-276b-cc7c-7aad-1e3aed8133fe&url=www.gmanetwork.com&cheqSource=1&cheqEvent=2&responseTime=843
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 18:23:30 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: cdc7828afd812e1116cde8035f07f5b3
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 95ms
94ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be6c032ea458b9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c281bef187eee61b2aa57ae3b2ab205234b58266c1b044e5401254850b58d7d4c38681eb923bce6a88deb1882cbb292f34d6287dc7cec54d23d1e821ac50e0924bc771fa29154b57cd65ff439cd0be71f8df78d209f2c3d9d464825e5278f04e1d1f7f44718aa064a15499dd862fb39964f7dd3add83e3f27081bde2442b2ed2b8091e8cfa1c5912f8e7ee31b965dfae41a9a333ec29e72cc6118b5794b57c9b4b63b2f1d03b2262315f6d5a1e42b5a2c833904ba85752517dada645de840a4eabe99ce5e27ec8eef8eec4a4bdfb204c20f84783aa5a6e8a5f6619d17f40776cf067ac771adef6c7638a7cca238baa30d0be0d9d6712222602600e9ac0e6b6206906881257e1a6cba7a298410f9facaf38c7dd797fc4c051692bbfc49b257ef279c106c14df135df509e9d0feaf972f091889f&cb=1618770210572&cri=6k5XB5WDRv
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:30 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F22) / ASP.NET
Resource Hash: 341b452ea238e1335d40629bba580839ada6fd9e227b89ba4f3a7a9b1413861b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8F22)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1992

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net//common-scripts/ 7 KB
3 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "0b63b42692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:36 GMT
server: ECAcc (frc/8E93)
age: 357961
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3225

GET
H2 200 zd_top.searches.css
60a6ae725fca.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 8ms
7ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA7) / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "04c61ee341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:08 GMT
server: ECAcc (frc/8EA7)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799

GET
H2 200 zd_top.searches.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 11ms
11ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAA) / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "05cd93f692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:32 GMT
server: ECAcc (frc/8FAA)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 8 KB
3 KB 52ms
13ms Script
application/javascript 2a02:26f0:7100::1720:ee33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js?dynamic=1&_=1618770208767
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ee33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 2923
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Thu, 15 Apr 2021 04:39:48 GMT
Server: AmazonS3
ETag: W/"a13aa5b57d25ceda2ed7ea95f92c6a80"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: othAGjs-vjJipLSj02wum5nuBJj0bErK-spEr3nVJRXa_FfycQIyNQ==

GET
H3-29 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 3B5D 35 KB
13 KB 71ms
70ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df749897d06ca2%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f60a4c959acd4984da9de9bd284b3bbd&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2ff7489b70c409a5d8bdc6e24fc7390df445cab7b0c483620785f41bcc9c2ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df749897d06ca2%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0UT2w7KhbShq23CZ7..BgfHki...1.0.BgfHki.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: flSnuaVNMWEiB5hkgDe/WOBoydbfOEYGlBPU5t9NdIcc6gl70tzdDpOmtxwzdJYpZmYdoAfZ8TdcgLlPsIWZmg==
date: Sun, 18 Apr 2021 18:23:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001771/ 4 KB
2 KB 365ms
121ms Script
application/javascript 52.200.218.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001771/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.200.218.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-218-179.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c1a4b1006d5cad5088da612f035049ea281ba330a162d6253f3f32f024d6ae6f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 1597

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 44ms
11ms Script
application/javascript 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js?_=1618770208768
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 00:27:25 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 237365
etag: W/"60256fd0-eabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 16639
x-amz-cf-id: lrAnSHIdZURhu1Z3azJg-vwoFuKqanhadns0NhjY6T-dq6ES8CufuA==
expires: Mon, 19 Apr 2021 00:27:25 GMT

GET
H/1.1 403
Forbidden 283585.json Show response
related.gmanews.tv/12/articleTag/585/ 243 B
788 B 614ms
414ms XHR
application/xml 13.224.119.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/12/articleTag/585/283585.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-12.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e1ce93486baea7da33fe1803cdbeef546b6f940917f462401d586086e970178

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Via: 1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: MAD50-C1
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1200
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 6dXniUVYkm64oNYum1skn67VT9a63IL94OFFLudvpV1-mSyP2xduCA==

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1628
date: Sun, 18 Apr 2021 17:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sun, 18 Apr 2021 19:56:22 GMT

GET
H/1.1 200
OK tagr_lib_learn_ph_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 84ms
23ms Script
application/javascript 104.117.192.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.192.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-192-218.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:35:34 GMT
Server: nginx
ETag: "579999a6-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 39ms
26ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=&qo=0&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=GMANMI_CONTENT1&hp=1&pl=1&zMoatIS=1&kq=1&dnt=0&bq=0&f=0&o=3&t=1618770209560&de=849546460232&m=0&ar=e687a89-clean&q=0&cb=0&cu=1618770209870&ll=2&ln=0&em=0&en=0&d=www.gmanetwork.com%2Fnews%3AWarning%20out%20vs%20new%20cross-platform%20malware%3A__page__%3A-&qs=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&vc=2&gw=gmanmicontent461752070830&fd=1&ac=1&it=500&fs=99042&na=1393439036&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
400 B 211ms
210ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=963482835637193&correlator=1802342440935364&output=ldjh&impl=fifs&eid=31060789%2C31060411%2C31060708%2C44733567&vrg=2021041301&ptt=17&sc=1&sfv=1-0-38&ecs=20210418&iu_parts=344684475%2CGNO_Scitech_Article_Mrec_1%2CGNO_Scitech_Article_Leaderboard_1%2CGNO_Scitech_Desktop_Outstream%2CGNO_Scitech_Mrec_1%2CGNO_Scitech_Desktop_Pushdown%2CGNO_Scitech_Article_Leaderboard_2%2CGNO_Scitech_Desktop_Interstitial%2CGNO_Scitech_Desktop_Skinning&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C336x280%7C250x250%2C728x90%2C1x1%2C300x250%7C336x280%7C250x250%7C300x600%2C1x1%2C728x90%2C1x1%2C1x1&ists=43&prev_scp=keyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Article_Mrec_1_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Article_Leaderboard_1_1%26site_id%3DGMA_News_Online%7Cad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Desktop_Outstream_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Mrec_1_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Desktop_Pushdown_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Article_Leaderboard_2_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Desktop_Interstitial_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dmalware%2Cinternet%2Ctrendmicro%2Ccybersecurity%26ad_pt%3DScitech_Article_Inside_Page%26ad_pos%3DGNO_Scitech_Desktop_Skinning_1%26site_id%3DGMA_News_Online&cookie_enabled=1&bc=31&abxe=1&lmt=1618770210&dt=1618770210774&dlt=1618770208595&idt=1194&frm=20&biw=1600&bih=1200&oid=3&adxs=710%2C269%2C276%2C1057%2C-9%2C276%2C0%2C0&adys=590%2C184%2C1213%2C187%2C-9%2C1855%2C165%2C166&adks=2127449765%2C2666319397%2C2874047352%2C3907459153%2C1099768448%2C1063451533%2C1083221779%2C651794928&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C760x90%7C733x1%7C300x-1%7C0x-1%7C760x95%7C1600x1%7C1600x1&msz=300x250%7C760x90%7C733x1%7C300x-1%7C0x-1%7C760x90%7C1600x1%7C1600x1&ga_vid=662868343.1618770210&ga_sid=1618770211&ga_hid=1039767470&ga_fc=false&fws=0%2C0%2C0%2C4%2C2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C349%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

67c735c0aa847a003bd9d8ca63f96df07a4a5739694f4641785bb6aff2b251f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 174ms
73ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBvnMPI4W4hlB7BVp

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 18 Apr 2021 18:23:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 32ms
31ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.gmanetwork.com%2F%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4703&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&f=0&o=3&t=1618770209560&de=849546460232&cu=1618770209870&m=1135&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AWarning%20out%20vs%20new%20cross-platform%20malware%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1095499926&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 vendor.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 451 KB
154 KB 7ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA0) / ASP.NET
Resource Hash: 43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8EA0)
age: 557592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157759

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 113ms
102ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 18 Apr 2021 18:23:30 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 316ms
117ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=%2B66qIPIfse%2Fw8t%2FMjP2JX81YcoOwKEgAFleqxLzh8Yc%3D&se=1618771172&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 18 Apr 2021 18:23:30 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK MultipleTopSearch Show response
zdwidget3-bs.sphereup.com/ 493 B
687 B 60ms
60ms Script
text/javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery11110012661874561747277_1618770208769&clientId=84092033&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&_=1618770208770
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c7a36decf6430084836f47894c84210f02a45635048fc9ff546b55f5e652679a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 305
Expires: -1

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 222ms
109ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=%2B66qIPIfse%2Fw8t%2FMjP2JX81YcoOwKEgAFleqxLzh8Yc%3D&se=1618771172&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 18 Apr 2021 18:23:30 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 198 KB
49 KB 14ms
11ms Script
application/javascript 2a02:26f0:7100::1720:ee33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js?dynamic=1&_=1618770208767
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js?dynamic=1&_=1618770208767
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ee33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c724febe7204aafcc7f70c174e89d475e7d85f5d9b027026ff280c22ba50da76

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 49049
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Thu, 15 Apr 2021 04:39:48 GMT
Server: AmazonS3
ETag: W/"4000633a488b17a6ac60f0c8b100bf32"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: sVPBVomnLXHYIIDPL5wcJ_sS9WrKGu_MkzdKKhdpK8gwLi_358DfCw==

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 207ms
102ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 18 Apr 2021 18:23:31 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 10ms
7ms Script
application/javascript 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618770208768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:25:05 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 201505
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: HZnXMcPjvconEUGvZ4uhNcYAl5-flZRCasa1Jo-iUuVGqJjfT2ygXA==
expires: Mon, 19 Apr 2021 10:25:05 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1039767470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&dp=%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&ul=en-us&de=UTF-8&dt=Warning%20out%20vs%20new%20cross-platform%20malware%20%7C%20SciTech%20%7C%20&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=90581684&gjid=168007376&cid=662868343.1618770210&tid=UA-242242-2&_gid=1748593220.1618770211&_r=1&cd6=&cd8=Technology%2C%20Gadgets%20and%20Gaming&cd9=Technology&cd10=&cd11=November%2023%2C%202012&cd12=cybersecurity%2C%20Internet%2C%20malware%2C%20trendmicro&gtm=2ou472&z=657425890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 43 B
608 B 344ms
272ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fnews%252Fscitech%252Ftechnology%252F283585%252Fwarning-out-vs-new-cross-platform-malware%252Fstory%252F&src.id=GMA&src.rand=7604913372
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:31 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 3B5D 400 B
643 B 8ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df749897d06ca2%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: WYmiIDTmjlQg8mhp/sNR2V34SjOBWaDHIQhWiwPRjrHn525NbtLRSw/uk7n12GpMu8z2qRGJ10oy7He5V92HOQ==
x-fb-trip-id: 917726464
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Sun, 18 Apr 2021 18:23:30 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
expires: Fri, 08 Apr 2022 21:17:01 GMT

GET
H2 200 18_Jf4ZwCu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame 3B5D 481 KB
125 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/18_Jf4ZwCu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CtARvuHzcGTLtMIE4muLag==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 127361
x-fb-rlafr: 0
x-fb-debug: RevKejTtJryWvZmRCS+X3TluIBKn+G6z6mBCNOyFDjEjIfMjLpsE23watkMJH3W16zogTLJJSy2aMWW+7gFaig==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Apr 2022 18:20:13 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 9E77 2 KB
1 KB 48ms
7ms Document
text/html 2600:9000:206f:f000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618770208768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sun, 18 Apr 2021 18:00:14 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: e-QQfVdZsLFtAG8ytBENfKDcLEXFvJtmPwxW_pVlK_MkhsyjAQB9Nw==
age: 1397

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-242242-2&cid=662868343.1618770210&jid=90581684&gjid=168007376&_gid=1748593220.1618770211&_u=IADAAUAAAAAAAC~&z=1681833174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Apr 2021 18:23:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 13ms
13ms Stylesheet
text/css 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:08:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 909
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: qa3FRkIrmiDPbN8vy4vf_bUmr-hsWgIOyCa_rhETpHK1I2Roc8P6rQ==

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 170 B
416 B 428ms
120ms Script
text/javascript 35.174.194.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fstory%2F283585%2Fscitechtechnology%2Fwarning-out-vs-new-cross-platform-malware%2F&cb=stButtons.processCB&wd=true
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.194.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-194-37.compute-1.amazonaws.com
Software: / Express
Resource Hash: 315e2608344f1191438f99ce959acb85e21594cacaa05030166f09ac4543ab09

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:31 GMT
Cache-Control: public, max-age=900
ETag: b67a313eb21faf5cb1c8069803f4b046
Connection: keep-alive
X-Powered-By: Express
Content-Length: 170
Content-Type: text/javascript; charset=utf-8

GET
H2 200 main.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 78 KB
25 KB 13ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/main.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F14) / ASP.NET
Resource Hash: aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8F14)
age: 557593
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25517

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
13 KB 120ms
42ms Script
application/javascript 143.204.237.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js?dynamic=1&_=1618770208767
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.237.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-64.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 4148228
ETag: W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 551f31cb488dd469e1bc714539d352b3.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: a4h3qyV_Evy5g4sOfpheoIDgcVmSLPRi1Hp2-dkQv8tAlDmpd-k4Aw==

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 111ms
110ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=%2B66qIPIfse%2Fw8t%2FMjP2JX81YcoOwKEgAFleqxLzh8Yc%3D&se=1618771172&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TopSearchesPath-not-found-on-page
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 18 Apr 2021 18:23:30 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 262ms
102ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 18 Apr 2021 18:23:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-242242-2&cid=662868343.1618770210&jid=90581684&_u=IADAAUAAAAAAAC~&z=1590253153

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-242242-2&cid=662868343.1618770210&jid=90581684&_u=IADAAUAAAAAAAC~&z=1590253153

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 3B5D 67 B
97 B 46ms
41ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618770210969&t_start=1618770210969&t_domcontent=1618770210991&t_layout=1618770211100&t_onload=1618770211100&t_paint=1618770211100&t_creport=1618770211100&t_tti=1618770210991&lid=6952565111752893072-0

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df749897d06ca2%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: mu9fyNqsytuG5AnHaVzRzz/9nhLHoviC4hvr6qBIGdiYp/6TWWBXVy6J0iYY/bLDs6xi/51f28Ufna/YiJZYKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Apr 2021 18:23:31 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/ 301 KB
47 KB 112ms
50ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001771/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: aa0a4e5cd6b2bb419f6c5b9f684618c1ba399686eda1b5ef8c66ad13c1b2891b

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:56:49 GMT
server: AmazonS3
x-amz-request-id: B4A6B9362AZP80N0
etag: "ed65f5789e7a2c2b778f065372f5ef79"
x-hw: 1618770211.dop007.lo4.t,1618770211.cds203.lo4.hn,1618770211.cds070.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48031
x-amz-id-2: ZAI/AfOyfQIgGP4sbIQYQlBaSSguUudXa+tu7xzEJtICbVBTmMZi8UN8/IalbhagGvVUL2x6kZs=

GET
H3-29 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 12ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618770208763

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2074284
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
cf-request-id: 0987d2494d00000601f6b15000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ozIe%2FE6o0Z7xnWCAHFJlxk09TbSJAcSSzWxhO16AUxuqZRBRRIG3i7lA3vuAVVLPACLolYZAYhYmXKDZOKrsHix0nUttelob1n2jvqMGf3z%2FQl1%2FLL3zVOJQBnb1W3ep7w%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641fecbbaa100601-FRA
expires: Fri, 08 Apr 2022 18:23:31 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 96ms
23ms XHR
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1618770210896.40720&hostname=www.gmanetwork.com&location=%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=2fe2f580-75f9-45bd-ad56-972d8c36a727&bsamesite=true&consent_cookie_duration=251&consent_duration=251&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fstory%2F283585%2Fscitechtechnology%2Fwarning-out-vs-new-cross-platform-malware%2F&title=Warning%20out%20vs%20new%20cross-platform%20malware&sop=false&description=Security%20vendors%20warned%20computer%20users%20over%20the%20weekend%20against%20a%20new%20malware%20that%20can%20potentially%20affect%20various%20platforms%20that%20support%20Java.
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618770208768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:31 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 29ms
24ms Image
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1618770210896.40720&hostname=www.gmanetwork.com&location=%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=2fe2f580-75f9-45bd-ad56-972d8c36a727&bsamesite=true&consent_cookie_duration=251&consent_duration=251&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fstory%2F283585%2Fscitechtechnology%2Fwarning-out-vs-new-cross-platform-malware%2F&title=Warning%20out%20vs%20new%20cross-platform%20malware&sop=false&description=Security%20vendors%20warned%20computer%20users%20over%20the%20weekend%20against%20a%20new%20malware%20that%20can%20potentially%20affect%20various%20platforms%20that%20support%20Java.&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Security%20vendors%20warned%20computer%20users%20over%20the%20weekend%20against%20a%20new%20malware%20that%20can%20potentially%20affect%20various%20platforms%20that%20support%20Java.&img_pview=true
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:31 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
0 86ms
23ms Fetch 18.194.64.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.64.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Apr 2021 18:23:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H/1.1 200
OK 283585.json Show response
related.gmanews.tv/12/585/ 1 KB
1 KB 459ms
458ms XHR
application/json 13.224.119.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/12/585/283585.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.119.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-119-12.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a88306a37d83f5fd13b12c48be8c5fe64207f2c3da7ae881cffc022b2b9747dc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: MAD50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 12 Feb 2016 09:30:10 GMT
Server: AmazonS3
ETag: W/"d92fa2abedf43330ac663c79f3ef8b8b"
Access-Control-Max-Age: 1200
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WwBDqijgW-E5lgulakpnCedC5uqI2bHEMC0HBd_Sp6WF6Pq_BnzxLQ==

POST
H2 200 audio.php Show response
trinitymedia.ai/player/ Frame B430 15 KB
8 KB 153ms
152ms Document
text/html 52.200.218.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001771&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=ceeca9954a2777ad72bb18bba6143c92&isLegacyBrowser=false&version=20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af&useCFCDN=0&ts=1618770211103&tsServer=1618770210985&FABOnly=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.200.218.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-218-179.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 90bd413bb57450eb35ec9196a1683fb0b8496498226a58c589fda16a61da972b

Request headers

:method: POST
:authority: trinitymedia.ai
:scheme: https
:path: /player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001771&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=ceeca9954a2777ad72bb18bba6143c92&isLegacyBrowser=false&version=20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af&useCFCDN=0&ts=1618770211103&tsServer=1618770210985&FABOnly=0
content-length: 3257
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gmanetwork.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALBCORS=bTNXInER4lW7yvPiPKwO6O/BOpFwrhWLujDT3DvzJ4CG/0m8ugth0QrVuvagfWMh33S2ijpAtXq6ARPIWRRlfWUfEfHtLUmvAFUoxH1T/7NuQxk05WOI/sV3hBCi
Upgrade-Insecure-Requests: 1
Origin: https://www.gmanetwork.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-type: text/html; charset=UTF-8
content-length: 7393
set-cookie: AWSALB=zpyDISz2zrCI++dxGKbH3Ip8gPmqU/hlrZEWOZz1RxT2+Taaepo8SNU4dDEhgg2Z/d14MzFnjY0tVNUMb4M07T9L9LFjNt5JNoiV7eZudwkdNkOoBdKBiLQlXDVM; Expires=Sun, 25 Apr 2021 18:23:31 GMT; Path=/ AWSALBCORS=zpyDISz2zrCI++dxGKbH3Ip8gPmqU/hlrZEWOZz1RxT2+Taaepo8SNU4dDEhgg2Z/d14MzFnjY0tVNUMb4M07T9L9LFjNt5JNoiV7eZudwkdNkOoBdKBiLQlXDVM; Expires=Sun, 25 Apr 2021 18:23:31 GMT; Path=/; SameSite=None; Secure AUID=0028b280-6996-4715-9dc9-c144660c1229; expires=Mon, 18-Apr-2022 18:23:31 GMT; Max-Age=31536000; path=/; domain=trinitymedia.ai; secure; SameSite=None
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 12ms
11ms Image
image/png 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/secure/images/bubble_arrow_below.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 5699785
etag: "60257011-3c9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: IImhT9bJJPXMGYjVofskzJVkG3GxQ1m3tJn90bLFw6vF4D81jhxXHg==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/ Frame B430 1 MB
230 KB 25ms
23ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001771&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=ceeca9954a2777ad72bb18bba6143c92&isLegacyBrowser=false&version=20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af&useCFCDN=0&ts=1618770211103&tsServer=1618770210985&FABOnly=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 52b7e013c9078751b11b900c2a2f30fd576a77b108e9453b699b1aa447bfb760

Request headers

Origin: https://trinitymedia.ai
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:56:49 GMT
server: AmazonS3
x-amz-request-id: XEKE2RS3VKE88D34
etag: "f51fdc9beeb56e563bf1bc0a89a19413"
x-hw: 1618770211.dop007.lo4.t,1618770211.cds203.lo4.hn,1618770211.cds001.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 235660
x-amz-id-2: k8YY4eKcbheCE07r3LBNLPi9BqYoVFanHAczk9Sx6CJJWpWn9MaNh4U4eQZ2p3iRtUP9K8633QE=

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame B430 0
0 24ms
24ms Fetch 18.194.64.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.64.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Apr 2021 18:23:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame B430 0
0 23ms
23ms Fetch 18.194.64.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.64.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Apr 2021 18:23:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3-29 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 66DB 35 KB
13 KB 71ms
71ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f60a4c959acd4984da9de9bd284b3bbd&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6970bff311f63d1ff36884f8689317414cf0628bdb05e4df7f0e58f921fc3c80

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0UT2w7KhbShq23CZ7..BgfHki...1.0.BgfHki.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.2
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: rYxtU5KhAfaTdwCVNp1rzwpZg/9zcWloH6xppQoQIY9HeRxGyeIK2DSun2Dlabp9U0BD44HzWWVe79qH8t+mIQ==
date: Sun, 18 Apr 2021 18:23:31 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 28ms
28ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f2669b1d44978dd1cfafdc27cc4f473172c50a689ca722b55e0d6ddf7e9daf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7086
x-xss-protection: 0

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 184ms
184ms Script
text/plain 175.41.191.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8070&sid=0012&_=1618770208771
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/scitech/technology/283585/warning-out-vs-new-cross-platform-malware/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.191.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 92ms
92ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4705&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=279&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&f=0&o=3&t=1618770209560&de=849546460232&cu=1618770209870&m=2404&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=279&le=1&gm=1&io=1&ch=0&as=1&ag=1361&an=0&gf=0&gg=0&ez=1&ck=1361&kw=1273&aj=1&pg=55&pf=0&ib=0&cc=1&bw=1361&bx=0&undefined=1&ci=1361&jz=1273&dj=1&aa=1&ad=1054&cn=0&gk=0&gl=0&co=1054&cp=1273&cq=1&em=0&en=0&bu=1273&cd=1&ah=1273&am=1&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AWarning%20out%20vs%20new%20cross-platform%20malware%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1475793511&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 18 Apr 2021 18:23:32 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:31 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame B430 0
0 24ms
24ms Fetch 18.194.64.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.64.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Apr 2021 18:23:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H3-29 200 collect
www.google-analytics.com/ Frame B430 35 B
55 B 15ms
15ms Ping
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210416_36c76a966e6901ff7f161a943dc6dcb19643b0af/trinity-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://trinitymedia.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0065 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 18 Apr 2021 18:11:38 GMT
expires: Mon, 18 Apr 2022 18:11:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 713
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 66DB 400 B
450 B 6ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: WYmiIDTmjlQg8mhp/sNR2V34SjOBWaDHIQhWiwPRjrHn525NbtLRSw/uk7n12GpMu8z2qRGJ10oy7He5V92HOQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Sun, 18 Apr 2021 18:23:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 400
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Fri, 08 Apr 2022 21:17:01 GMT

GET
H3-29 200 18_Jf4ZwCu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame 66DB 481 KB
124 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/18_Jf4ZwCu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CtARvuHzcGTLtMIE4muLag==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 127361
x-fb-rlafr: 0
x-fb-debug: RevKejTtJryWvZmRCS+X3TluIBKn+G6z6mBCNOyFDjEjIfMjLpsE23watkMJH3W16zogTLJJSy2aMWW+7gFaig==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Apr 2022 18:20:13 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0065 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 9242
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Mon, 18 Apr 2022 15:49:30 GMT

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 66DB 67 B
97 B 40ms
40ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618770212001&t_start=1618770212001&t_domcontent=1618770212006&t_layout=1618770212049&t_onload=1618770212049&t_paint=1618770212049&t_creport=1618770212049&t_tti=1618770212006&lid=6952565117529280730-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df220f26011bbfa%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff1275bb104bc25%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bDupbJw0mEHrQIE7SCaH23xOr03t+MWQsbTtrP1Ne4kNJDK3/0Uu3D3MGIjgnCcTb9fs59mgWzoA+Tj8tU+4JA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Apr 2021 18:23:32 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net/eum/ Frame 468B
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p7f81nfwy
https://xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

179ms
22ms

XHR
text/plain

184.86.251.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 184.86.251.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-212.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Sun, 18 Apr 2021 18:23:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net/eum/ Frame 468B
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p7f81nfwy
https://fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

138ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 18:23:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net/eum/results.txt
Date: Sun, 18 Apr 2021 18:23:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=963482835637193&bg=!bW6lbirNAAZUuIlwVLg7ACkAdvg8WsK-ovRybXKVbsWjRKsqOiZ5U5eQDdz7Xy0qpuG6jyzKXbqrdgIAAACXUgAAABBoAQcKABIOScEAEw64P5VufBjCdIbEbXKZAinT8l1bLZrqJ72ZhHihK8dXL0i6w7XIKE18d_BdIlbZAqFh-VYnoHV-nET37pR_Bws94ZfffSyGXsm8clCngtzheVyhkSJzH0iCg9RdO-XI_tjCHt1ZbrQD5O-iCrpF8x74Xxlzp1YSFAmhNbjCrIFREYehQOT6XHj_E0ExBV1pVk-3pwhgRjnM-Oh-uAELUt1H6khHxLcu3A-k2OqfEmFCfK451c3LW1n2pvMxfz8h-U9VGRGv0dfKgcyTeQf0O4H7eI4vpeDKoGTT6eOz1w7J0aC3C4J4_ZZ1QfVyyk2Kw5KYP4pZX6MPUK7IlRoJv38p8FGhlxgLOx28Kj9B8NlIYn-t74P7FYxs362MLi4xKRFdcqHBs7YuBzqri_6RWYbJsloFyqiTESF7tmZZMvnCmcKXRAP6fSgSOE7ZrQomESiU0Ahw9rqCy6zsqubeRytH3Z_StiFw97ao_cIotrphIBw7yit48afgx7geJUZzn6-IVWR9vq2E2dzN7Z7WbxXnN3fgq7Jlsyoni6WttEQ9PDYItr-BV5y54uVv77yZY-HZn_gjxVJexU0rwBYz0Wwfen-7NTy9CkVV92uWRBYmPLyZxilFRDxrTsQ6pP51k1DagvF5SWklBASxNnW4433Ls98plE5cMO6wYdAApijFyDhvZ_fXnFdAZ30ALmB7arBzkHj76zZw1wGYur9-Ixj64EDIr77vIKeZQxX8nzH2OoxAABiJh3xQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
684dd30b.akstat.io/ 0
205 B 90ms
83ms Ping
image/gif 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd30b.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:32 GMT
content-type: image/gif
access-control-allow-origin: https://www.gmanetwork.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 18 Apr 2021 18:23:32 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame CEF0 7 KB
2 KB 8ms
7ms Document
text/html 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html
content-length: 2089
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Sun, 18 Apr 2021 17:46:53 GMT
etag: W/"60257012-1ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pIdaE39U5WhCrEI2APE55MTNDPiBGtI7hAK3kIhkQgDN1dZXd_0JsA==
age: 2199

GET
H2 200 st.a9c2f47cfbd1f141fb724cef861110d7.js Show response
ws.sharethis.com/secure/js/ Frame CEF0 88 KB
23 KB 7ms
6ms Script
application/javascript 2600:9000:20eb:8600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/js/st.a9c2f47cfbd1f141fb724cef861110d7.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847

Request headers

Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 5699786
etag: W/"60257012-15e0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 23428
x-amz-cf-id: ANPJ7t5-K9PrdsFFzwIl62ZyzqxqOCLlrlL24Pm6x7Mo_PRefBwkjw==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4705&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=279&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&f=0&o=3&t=1618770209560&de=849546460232&cu=1618770209870&m=6119&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=279&le=1&gm=1&io=1&ch=0&as=1&ag=5075&an=1361&gf=0&gg=0&ez=1&ck=1361&kw=1273&aj=1&pg=55&pf=55&ib=0&cc=1&bw=5075&bx=1361&undefined=1&ci=1361&jz=1273&dj=1&aa=1&ad=1112&cn=1054&gk=0&gl=0&co=1054&cp=1273&cq=1&em=0&en=0&bu=4987&cd=1273&ah=4987&am=1273&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AWarning%20out%20vs%20new%20cross-platform%20malware%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1835320880&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 18 Apr 2021 18:23:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
29ms Image
image/gif 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=3&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4705&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=279&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fscitech%2Ftechnology%2F283585%2Fwarning-out-vs-new-cross-platform-malware%2Fstory%2F&f=0&o=3&t=1618770209560&de=849546460232&cu=1618770209870&m=11119&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=279&le=1&gm=1&io=1&ch=0&as=1&ag=10075&an=5075&gf=0&gg=0&ez=1&ck=1361&kw=1273&aj=1&pg=55&pf=55&ib=0&cc=1&bw=10075&bx=5075&undefined=1&ci=1361&jz=1273&dj=1&aa=1&ad=1112&cn=1112&gk=0&gl=0&co=1054&cp=1273&cq=1&em=0&en=0&bu=9987&cd=4987&ah=9987&am=4987&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AWarning%20out%20vs%20new%20cross-platform%20malware%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=117449161&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 18:23:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 18 Apr 2021 18:23:40 GMT

Verdicts & Comments Add Verdict or Comment

581 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 19:49:06	Name: fr Value: 0UT2w7KhbShq23CZ7..BgfHki...1.0.BgfHki.
.gmanetwork.com/	1970-01-19 17:49:35	Name: RT Value: "z=1&dm=gmanetwork.com&si=a1aa92fd-e07f-40ed-ab60-08504ffe637f&ss=knnhzibt&sl=1&tt=34i&bcn=%2F%2F684dd30b.akstat.io%2F&ld=34r"
www.gmanetwork.com/	1970-01-20 02:25:06	Name: TRINITY_USER_ID Value: 0028b280-6996-4715-9dc9-c144660c1229
.trinitymedia.ai/	1970-01-20 02:25:06	Name: AUID Value: 0028b280-6996-4715-9dc9-c144660c1229
.gmanetwork.com/	1970-01-19 17:40:56	Name: _gid Value: GA1.2.1748593220.1618770211
www.gmanetwork.com/	1970-01-20 02:25:06	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTYxODc3MDIxMTM2OX0=
trinitymedia.ai/	1970-01-19 17:49:35	Name: AWSALBCORS Value: zpyDISz2zrCI++dxGKbH3Ip8gPmqU/hlrZEWOZz1RxT2+Taaepo8SNU4dDEhgg2Z/d14MzFnjY0tVNUMb4M07T9L9LFjNt5JNoiV7eZudwkdNkOoBdKBiLQlXDVM
.gmanetwork.com/	1970-01-20 11:10:42	Name: _ga Value: GA1.2.662868343.1618770210
www.gmanetwork.com/	1970-01-19 17:39:30	Name: 84092033-ehtoken Value: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=%2B66qIPIfse%2Fw8t%2FMjP2JX81YcoOwKEgAFleqxLzh8Yc%3D&se=1618771172&skn=all
.gmanetwork.com/	1970-01-19 17:39:30	Name: _gat_gtag_UA_242242_2 Value: 1
.gmanetwork.com/	1970-01-19 17:39:32	Name: __asc Value: 5617bc9b178e6392c3745af2eee
.gmanetwork.com/	1970-01-20 03:01:06	Name: __gads Value: ID=640e92ef4fb42e6f-2250261127bb0037:T=1618770210:S=ALNI_Mb_4dXKTghAKwLi5-DkJNW7HaE2qQ
www.gmanetwork.com/	1970-01-19 17:41:18	Name: zdSessionId_84092033 Value: d14196b7-edca-4d0e-9d0e-b38eec8dcf30
.gmanetwork.com/	1970-01-20 02:26:32	Name: __auc Value: 5617bc9b178e6392c3745af2eee
.gmanetwork.com/	1970-01-20 11:10:42	Name: _ga_TQZBRMKGV4 Value: GS1.1.1618770209.1.0.1618770209.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW(Line 11) Message: TypeError: Cannot read property 'parentElement' of null
console-api	info	URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js(Line 8) Message: Trinity Audio player injector script is loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60a6ae725fca.bitsngo.net
684dd30b.akstat.io
8f6fbfdbbcb5c2f6072e34d1168958c1.safeframe.googlesyndication.com
ads.allaccess.com.ph
adservice.google.com
adservice.google.de
aphrodite.gmanetwork.com
api.dmcdn.net
c.go-mpulse.net
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
certify.alexametrics.com
connect.facebook.net
count-server.sharethis.com
d2wy8f7a9ursnm.cloudfront.net
d31qbv1cthcecs.cloudfront.net
data.gmanetwork.com
depart.trinitymedia.ai
fiaqj6absjkbikqce3ygyaaaabqhy6je-p7f81n-f530fde3d-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
images.gmanetwork.com
images.gmanews.tv
l.sharethis.com
log.outbrainimg.com
maxcdn.bootstrapcdn.com
ob.cheqzone.com
obs.cheqzone.com
pagead2.googlesyndication.com
ph-gmtdmp.mookie1.com
player.ivideosmart.com
prod-sb-appanalytics-us1.servicebus.windows.net
px.moatads.com
related.gmanews.tv
s.go-mpulse.net
securepubads.g.doubleclick.net
static-tagr.gd1.mookie1.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trinitymedia.ai
vd.trinitymedia.ai
widget-pixels.outbrain.com
widgets.outbrain.com
ws.sharethis.com
www.facebook.com
www.gmanetwork.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
xhkkxwaccbvzqyd4pesa-p7f81n-2d3f08604-clientnsv4-s.akamaihd.net
z.moatads.com
zdwidget3-bs.sphereup.com
104.108.145.107
104.108.145.172
104.108.145.205
104.117.192.218
104.40.187.26
13.224.119.12
13.224.119.14
13.224.119.58
13.224.119.77
13.33.139.128
13.33.139.96
142.250.185.130
143.204.237.64
143.204.245.119
175.41.191.212
178.79.242.16
18.194.64.207
184.86.251.212
2.16.107.152
205.185.216.10
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2021:9c00:c:3460:340:93a1
2600:9000:206f:f000:c:a9b7:ddc0:93a1
2600:9000:20eb:8600:3:c04e:c780:93a1
2606:2800:233:9de:380:d6:22cb:12e3
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9d
2a00:1450:400d:804::2001
2a00:f48:2000:1023::3
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00::210:ba33
2a02:26f0:6c00::210:ba43
2a02:26f0:7100:199::11a6
2a02:26f0:7100::1720:ee33
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
35.174.194.37
35.227.202.26
40.79.44.59
52.200.218.179
52.29.155.194
64.202.112.159
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603
07364fa4cf43aefe3a2fd502443768a227e45feeff1fd6bb8958257fc6955f9f
0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc
0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12185420516acfdda1713b70ae0b7d4377cfa88a42bb66bd0b928aaa414dcb28
139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a
1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014
1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677
162983af27e6105fafd526cb7a509dbf55b8e84f5320e4cc03a9a7fa3651137d
176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81
1a83f7708114effe858a7974dfd5b2a877a5bc347e9f1b1d7754a1dd64f842ee
24a54f9f01ce9a671184c9d6e7c8d0f8acaa473d0631911cae13b71e0dae0341
2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab
2de70d545d91c842631a733af6f75efbfe68aa24e65e80f5e82cc57802ab4432
2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4
301654503be07e8f5b0f408a1a3f1aba25f511e3c0534241cb3b6b59641d6a15
315e2608344f1191438f99ce959acb85e21594cacaa05030166f09ac4543ab09
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
341b452ea238e1335d40629bba580839ada6fd9e227b89ba4f3a7a9b1413861b
34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792
36e085e8ccbc1bc0b3bbe4bae133b37404da97e552557f0db91b80cfd054371e
380b47f6ea7d28de20e705c6c8442ae9e5df6be6c8fb729975dfae6228dbc0c8
38cc8429547f36e861f3dfae167ebde8d9142230888415f764142fcbdc095feb
3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3af77a420c7be2872948338e4664e0fbe9c5c60360232f20773f782b64a389d8
3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff
3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3
3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
3f78cb7ec4796fbf923d1c995bfa6aa339020b7778db02fe0d2089bf057ad1e1
42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a
43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d
4a85de9065d5a1bdf2f24f8a39125aa86e684c33b86b511d0e43875fc1a12543
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f
4ec4816ff01bbeaa8133086cb0a2c6f29259eaef6482897ca0acf131fdc33d8f
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f9325b0e50d54922f785cd9797a3d80de8eda2ddd780e823fbc629d0cb17a92
4fad05a1473de195f4e634fc8b9111126e6272002e22c03ae54cf8a8e127e345
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf
52b7e013c9078751b11b900c2a2f30fd576a77b108e9453b699b1aa447bfb760
530e7f85a527a573329c03e2db7b3862913d14025efb3f4aa4b026f9160600ee
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397
58e76bcd9db528d7fe8acd4b6c6762256a84ab7d4d48ff54b4a4d64050323284
5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79
5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6
60075ca51b64fab49b932d7cda20bf25238aeda02bac47569aeb802461fe35bb
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6275ff30af094191e3a1c5a2d8cb61d6e82e0e42ff1268748b0b5487ce41f06e
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
67c735c0aa847a003bd9d8ca63f96df07a4a5739694f4641785bb6aff2b251f5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6970bff311f63d1ff36884f8689317414cf0628bdb05e4df7f0e58f921fc3c80
6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86
6d16ed20b3cddde6e086198fe01669c0e1da6063547a4659094ad89de4d88e45
6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d
7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67
7747ea5ee2b970e18bf72e361a8d062e69451374d41d63bfea73febc637ebcd8
7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1
7df06d0c1d0a5302a37749adbdc40f27d54116c905f87bb1146e812829c251f9
7e373d1ef257fbe7a72515f2d7edb46dde98ae1ef52c663428c81679f49c51db
7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31
80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07
81a935f45850ccb6970a821de458801d7ca72b56ac31b5f13607eacbefb794e5
823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3
89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1bd701277d5bdc4d3aa28c9c1caf158c62fa001dad747653e3d24b42aeabcf
90bd413bb57450eb35ec9196a1683fb0b8496498226a58c589fda16a61da972b
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
9410b966a900044927dbd2f9ea9c1e1b4887a9fb093dc54e129fa43541bfee7b
9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cf97a6958f2ba4a3942a9add3202f4f32dc43fd7f637038968550806b92de56
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227
9e1ce93486baea7da33fe1803cdbeef546b6f940917f462401d586086e970178
9f2669b1d44978dd1cfafdc27cc4f473172c50a689ca722b55e0d6ddf7e9daf4
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2ff7489b70c409a5d8bdc6e24fc7390df445cab7b0c483620785f41bcc9c2ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88306a37d83f5fd13b12c48be8c5fe64207f2c3da7ae881cffc022b2b9747dc
a9850441e45bba116934753d0330c5748c6615fb4cb772cfaa7983a54c322324
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa0a4e5cd6b2bb419f6c5b9f684618c1ba399686eda1b5ef8c66ad13c1b2891b
aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037
ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4
adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474
ae1947a2826e5e189f4a57f8d6a2e8cadf74cfc1bc4b529489b2bbfd802bfd14
afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7
b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
c1a4b1006d5cad5088da612f035049ea281ba330a162d6253f3f32f024d6ae6f
c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6459f5c8dc1dc1bd6581f0517d67b3d55c143cc419615d4ab772b2b3f24a2c4
c724febe7204aafcc7f70c174e89d475e7d85f5d9b027026ff280c22ba50da76
c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259
c77f2497c42c0cf38e4ccf810e651391cbceecd15ae2b8f62e17ebf4524086ab
c7a36decf6430084836f47894c84210f02a45635048fc9ff546b55f5e652679a
c9ebef02058f5009b9cd0a4f3a422ab26f5c9f39439e1a9eb97ef9fffcc695ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ac9d723f8a20b2851b8c90aefda827ef956ed5db057a2a68840f82e691cee
d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c
d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd
d3a8d1292d6249499f7729eb37b8bd23b5e40de7602353e01516f2aeb6ce79e1
d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504
d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b
dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d
dd50088ddee3d663d0a5fa745b9a24a139398fef46685aef75987a881ddf2523
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0
e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65
e65d0a24b75f34788ddfcf6f568d4b0144bf3969a3c95521ee0d37d758c4c806
e766a239e78553d6646a014edd1b2a5a8a98843339ff4990b630ca478bcfe287
ecc9d83cde16db61ae3dea4b675b408c84e35fe5b63171aca0f33003aaa345f1
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f5daaf2ac11d08a55cb61c41d789f3936ed028fa3d50785e2480ec7ab638d504
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

www.gmanetwork.com Open in urlscan Pro 143.204.245.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

54 %IPv6

37 Domains

60 Subdomains

56 IPs

6 Countries

3834 kBTransfer

9519 kBSize

15 Cookies

14 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gmanetwork.com Open in urlscan Pro
143.204.245.119 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

54 %
IPv6

37
Domains

60
Subdomains

56
IPs

6
Countries

3834 kB
Transfer

9519 kB
Size

15
Cookies

193 HTTP transactions
1 data transactions