www.zdnet.com Open in urlscan Pro
23.210.249.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Submission: On September 17 via manual (September 17th 2019, 6:39:05 pm UTC) from US

Summary HTTP 438 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 78 IPs in 6 countries across 61 domains to perform 438 HTTP transactions. The main IP is 23.210.249.64, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.zdnet.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 23rd 2019. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	23.210.249.64 23.210.249.64	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
47	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY - Fastly)
1	23.45.108.200 23.45.108.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY - Fastly)
3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	104.108.48.32 104.108.48.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
31	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	143.204.214.33 143.204.214.33	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.168.89.158 35.168.89.158	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 7	172.217.21.198 172.217.21.198	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.190.38.167 35.190.38.167	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
17	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
14	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2 3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
11	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
5	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY - Fastly)
1	2600:9000:205... 2600:9000:2057:b000:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.86.174.228 54.86.174.228	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	184.31.90.90 184.31.90.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:20:... 2606:4700:20::6819:a222	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4 16	34.247.144.106 34.247.144.106	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	64.30.230.22 64.30.230.22	6623 (CBSI-1) (CBSI-1 - CBS Interactive Inc.)
1	52.215.98.88 52.215.98.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.175.13.58 35.175.13.58	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	104.108.34.58 104.108.34.58	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4 4	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	23.210.249.113 23.210.249.113	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4 4	52.210.181.210 52.210.181.210	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 6	18.195.52.121 18.195.52.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	52.208.194.131 52.208.194.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.38.58.249 23.38.58.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:4700::68... 2606:4700::6810:4ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	52.49.176.73 52.49.176.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.31.175.110 52.31.175.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.0.145.219 52.0.145.219	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY - Fastly)
5	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 4	66.117.28.68 66.117.28.68	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
35	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2 7	2.19.43.224 2.19.43.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	34.254.217.168 34.254.217.168	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2600:9000:205... 2600:9000:2057:4a00:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2 6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.227.208.151 35.227.208.151	15169 (GOOGLE) (GOOGLE - Google LLC)
4	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY - Fastly)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	217.12.15.83 217.12.15.83	34010 (YAHOO-IRD) (YAHOO-IRD)
2	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY - Fastly)
1	52.29.17.61 52.29.17.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
26	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.19.38.84 2.19.38.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.233.143 2.18.233.143	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	18.130.64.138 18.130.64.138	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
7	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
40	23.58.219.40 23.58.219.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	52.30.7.139 52.30.7.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.218.95 13.32.218.95	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	3.120.6.212 3.120.6.212	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	3.223.151.89 3.223.151.89	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	3.9.25.189 3.9.25.189	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	69.173.144.153 69.173.144.153	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
438	78

11 23.210.249.64 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-64.deploy.static.akamaitechnologies.com

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.108.200 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-108-200.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.48.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-48-32.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
686eb704.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.33 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-33.fra53.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.89.158 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-168-89-158.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.21.198 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.167 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 167.38.190.35.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States) 2 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b000:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.174.228 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-86-174-228.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1b (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

iicbsi-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.90.90 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-90.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::6819:a222 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.247.144.106 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.30.230.22 (Fremont, United States)

ASN6623 (CBSI-1 - CBS Interactive Inc., US)
PTR: phx2-dw-cbsi-xw-ext-lb.cnet.com

dw.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.98.88 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-98-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.13.58 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-175-13-58.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.34.58 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-34-58.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.72.21 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.249.113 (Netherlands) 4 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.181.210 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-181-210.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.195.52.121 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-52-121.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.194.131 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-194-131.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.58.249 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-58-249.deploy.static.akamaitechnologies.com

5f651e72.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi2.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4ea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api1.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.176.73 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.175.110 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-175-110.eu-west-1.compute.amazonaws.com

cbsi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.0.145.219 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-145-219.compute-1.amazonaws.com

saa.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.203 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.117.28.68 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.19.43.224 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.217.168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-254-217-168.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4a00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.28.86 (United States) 2 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.208.151 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 151.208.227.35.bc.googleusercontent.com

web-sdk.urbanairship.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.12.15.83 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: mpr1.ngd.vip.ir2.yahoo.com

ad.yieldmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

zdnet-1.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.17.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-17-61.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.38.84 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.143 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-143.deploy.static.akamaitechnologies.com

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.130.64.138 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 23.58.219.40 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-58-219-40.deploy.static.akamaitechnologies.com

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
essenceukeedcmdisplay403072119649.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.7.139 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-7-139.eu-west-1.compute.amazonaws.com

eecouk.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.218.95 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-95.fra56.r.cloudfront.net

platform-cdn.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.6.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-6-212.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.223.151.89 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-223-151-89.compute-1.amazonaws.com

b.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.25.189 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-9-25-189.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

str-assets.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	cbsistatic.com zdnet1.cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com zdnet4.cbsistatic.com	967 KB
40	moatpixel.com cbsdfp5832910442.s.moatpixel.com essenceukeedcmdisplay403072119649.s.moatpixel.com	16 KB
35	taboola.com cdn.taboola.com trc.taboola.com images.taboola.com	500 KB
33	doubleclick.net 4 redirects ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	234 KB
32	moatads.com z.moatads.com geo.moatads.com mb.moatads.com px.moatads.com	1 MB
28	googletagservices.com www.googletagservices.com	580 KB
18	ml314.com 4 redirects ml314.com in.ml314.com	32 KB
17	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com Failed	246 KB
16	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com	252 KB
14	tiqcdn.com tags.tiqcdn.com	89 KB
12	zdnet.com www.zdnet.com urs.zdnet.com	279 KB
11	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	107 KB
10	cbsi.com dw.cbsi.com saa.cbsi.com rev.cbsi.com	15 KB
10	viglink.com cdn.viglink.com api.viglink.com	113 KB
9	demdex.net 1 redirects dpm.demdex.net cbsi.demdex.net eecouk.demdex.net	6 KB
9	lightboxcdn.com www.lightboxcdn.com api1.lightboxcdn.com	160 KB
8	sharethrough.com native.sharethrough.com platform-cdn.sharethrough.com btlr.sharethrough.com b.sharethrough.com	131 KB
7	2mdn.net s0.2mdn.net	213 KB
7	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
6	everesttech.net 3 redirects pixel.everesttech.net cm.everesttech.net	3 KB
6	eyeota.net 4 redirects ps.eyeota.net	3 KB
5	adnxs.com secure.adnxs.com	3 KB
4	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com	9 KB
4	perfectmarket.com widget.perfectmarket.com	94 KB
4	crwdcntrl.net 4 redirects sync.crwdcntrl.net	3 KB
4	mathtag.com 4 redirects pixel.mathtag.com	3 KB
4	rlcdn.com 4 redirects idsync.rlcdn.com	1 KB
4	google.com 1 redirects adservice.google.com www.google.com	712 B
4	google.de adservice.google.de www.google.de	623 B
3	facebook.net connect.facebook.net	119 KB
3	tru.am tru.am beacon.tru.am	14 KB
3	everestjs.net www.everestjs.net	8 KB
3	go-mpulse.net c.go-mpulse.net	57 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.com www.facebook.com	250 B
2	disqus.com zdnet-1.disqus.com	2 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	832 B
2	casalemedia.com as-sec.casalemedia.com	1 KB
2	akstat.io 5f651e72.akstat.io 686eb704.akstat.io	708 B
2	bluekai.com 2 redirects tags.bluekai.com	2 KB
2	betrad.com l.betrad.com	240 B
1	gstatic.com fonts.gstatic.com	13 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googleapis.com fonts.googleapis.com	440 B
1	imgix.net str-assets.imgix.net	6 KB
1	summerhamster.com www.summerhamster.com	181 B
1	yieldmanager.com ad.yieldmanager.com	341 B
1	googleadservices.com 1 redirects www.googleadservices.com	251 B
1	urbanairship.com web-sdk.urbanairship.com	17 KB
1	trackonomics.net cdn-magiclinks.trackonomics.net	18 KB
1	qualtrics.com zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	15 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	azurewebsites.net lightboxapi2.azurewebsites.net	572 B
1	adsrvr.org match.adsrvr.org	536 B
1	akamaihd.net iicbsi-a.akamaihd.net	272 B
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	indexww.com js-sec.indexww.com	26 KB
1	evidon.com c.evidon.com	434 B
438	61

	Domain	Requested by
28	www.googletagservices.com	www.zdnet.com securepubads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net rev.cbsi.com s0.2mdn.net pagead2.googlesyndication.com
24	images.taboola.com	z.moatads.com www.googletagservices.com cdn.taboola.com
21	cbsdfp5832910442.s.moatpixel.com
19	essenceukeedcmdisplay403072119649.s.moatpixel.com
19	zdnet2.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
17	securepubads.g.doubleclick.net	www.googletagservices.com www.zdnet.com securepubads.g.doubleclick.net
16	ml314.com	4 redirects tags.tiqcdn.com ml314.com www.zdnet.com z.moatads.com
16	zdnet4.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
15	z.moatads.com	securepubads.g.doubleclick.net s0.2mdn.net native.sharethrough.com
14	tags.tiqcdn.com	zdnet2.cbsistatic.com tags.tiqcdn.com
14	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
14	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
11	px.moatads.com
11	www.zdnet.com	www.zdnet.com native.sharethrough.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net www.zdnet.com tpc.googlesyndication.com
10	pbs.twimg.com	www.zdnet.com
8	www.lightboxcdn.com	www.zdnet.com www.lightboxcdn.com
8	platform.twitter.com	www.zdnet.com platform.twitter.com
7	pagead2.googlesyndication.com	optimized-by.rubiconproject.com pagead2.googlesyndication.com
7	trc.taboola.com	cdn.taboola.com www.zdnet.com
7	s0.2mdn.net	www.zdnet.com s0.2mdn.net
7	sb.scorecardresearch.com	2 redirects tags.tiqcdn.com cdn.taboola.com widget.perfectmarket.com
7	ad.doubleclick.net	1 redirects www.zdnet.com www.googletagservices.com
6	ps.eyeota.net	4 redirects www.zdnet.com
6	cdn.viglink.com	tags.tiqcdn.com www.zdnet.com
5	geo.moatads.com	z.moatads.com
5	secure.adnxs.com	www.zdnet.com
5	dw.cbsi.com	tags.tiqcdn.com www.zdnet.com
5	abs.twimg.com	www.zdnet.com
4	b.sharethrough.com
4	googleads4.g.doubleclick.net	www.zdnet.com
4	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
4	cdn.taboola.com	zdnet2.cbsistatic.com cdn.taboola.com
4	pixel.everesttech.net	1 redirects
4	saa.cbsi.com	www.zdnet.com tags.tiqcdn.com
4	api.viglink.com	www.zdnet.com
4	dpm.demdex.net	1 redirects www.zdnet.com
4	sync.crwdcntrl.net	4 redirects
4	pixel.mathtag.com	4 redirects
4	idsync.rlcdn.com	4 redirects
3	eecouk.demdex.net	s0.2mdn.net
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	www.everestjs.net	tags.tiqcdn.com www.everestjs.net
3	syndication.twitter.com	2 redirects www.zdnet.com
3	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
3	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
2	www.google-analytics.com	widget.perfectmarket.com
2	www.facebook.com	connect.facebook.net
2	zdnet-1.disqus.com	zdnet2.cbsistatic.com zdnet-1.disqus.com
2	cm.g.doubleclick.net	2 redirects
2	cm.everesttech.net	2 redirects
2	secure-us.imrworldwide.com	1 redirects
2	as-sec.casalemedia.com	www.zdnet.com
2	cbsi.demdex.net	tags.tiqcdn.com
2	tags.bluekai.com	2 redirects
2	in.ml314.com	ml314.com
2	tru.am	tags.tiqcdn.com tru.am
2	l.betrad.com	www.zdnet.com
2	native.sharethrough.com	www.zdnet.com
1	fonts.gstatic.com	www.lightboxcdn.com
1	cdn.jsdelivr.net	www.lightboxcdn.com
1	fonts.googleapis.com	www.lightboxcdn.com
1	str-assets.imgix.net	native.sharethrough.com
1	eus.rubiconproject.com	www.zdnet.com
1	beacon-eu2.rubiconproject.com	www.zdnet.com
1	mb.moatads.com	z.moatads.com
1	btlr.sharethrough.com	www.zdnet.com
1	platform-cdn.sharethrough.com	www.zdnet.com
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	rev.cbsi.com	www.zdnet.com
1	ads.rubiconproject.com	www.zdnet.com
1	www.summerhamster.com
1	686eb704.akstat.io	c.go-mpulse.net
1	ad.yieldmanager.com
1	www.google.de
1	www.google.com	1 redirects
1	www.googleadservices.com	1 redirects
1	web-sdk.urbanairship.com	zdnet3.cbsistatic.com
1	cdn-magiclinks.trackonomics.net	tags.tiqcdn.com
1	zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	tags.tiqcdn.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.zdnet.com
1	beacon.tru.am	tru.am
1	api1.lightboxcdn.com	www.zdnet.com
1	lightboxapi2.azurewebsites.net	www.lightboxcdn.com
1	5f651e72.akstat.io	www.zdnet.com
1	match.adsrvr.org	www.zdnet.com
1	iicbsi-a.akamaihd.net	tags.tiqcdn.com
1	ping.chartbeat.net	www.zdnet.com
1	static.chartbeat.com	zdnet2.cbsistatic.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	js-sec.indexww.com	www.zdnet.com
1	c.evidon.com	www.zdnet.com
0	ade.googlesyndication.com Failed
438	98

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
twitter.com
www.youtube.com
www.cnet.com
popup.taboola.com
responsiblelife.co.uk
clickster.io
mackeeper.com
www.directexpose.com
ad.doubleclick.net
www.nch.com.au
rfvtgb.articlesvally.com
www.top10bestdatingsites.co.uk
cbsi.force.com
www.cbsinteractive.com
cbsi.secure.force.com
cbslnk.cbsileads.com
www.facebook.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
www.cbs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-07-22`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.sharethrough.com Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-11-17`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2017-12-12` - `2020-12-15`	3 years	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
www.everestjs.net DigiCert SHA2 Secure Server CA	`2018-10-15` - `2020-10-15`	2 years	crt.sh
ssl389962.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-11` - `2020-03-19`	6 months	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
*.cbsi.com DigiCert SHA2 High Assurance Server CA	`2017-11-07` - `2021-02-04`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-07-11` - `2019-10-09`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.azurewebsites.net DigiCert SHA2 Secure Server CA	`2019-07-22` - `2021-07-22`	2 years	crt.sh
viglink.com Amazon	`2019-02-09` - `2020-03-09`	a year	crt.sh
saa.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-06-23` - `2020-09-25`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.trackonomics.net Go Daddy Secure Certificate Authority - G2	`2018-12-22` - `2020-02-20`	a year	crt.sh
*.everesttech.net DigiCert SHA2 Secure Server CA	`2017-04-13` - `2020-04-17`	3 years	crt.sh
*.urbanairship.com DigiCert ECC Secure Server CA	`2018-06-20` - `2020-06-24`	2 years	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-06-27` - `2019-12-24`	6 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2019-07-23` - `2019-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-20` - `2020-08-20`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Frame ID: BD52F28DF28900E7E7C125AC83ED54A9
Requests: 320 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 67607EFDF980A092FFD024D8F25504D3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fwww.zdnet.com
Frame ID: A2F48C49D50223A7051EBAAE1BD3530E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 6E6DA2D844743C27369E9405182DDE39
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568745527593&lv=1
Frame ID: 8B4AD1BB0CA307EDDA44582886B61A89
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637040096056673955
Frame ID: AAF5AEF8997A9B81F97B1E9A6606AD12
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Frame ID: F8F48D244D964623A9FABF09AB2B0F05
Requests: 1 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: 8325AC7B035FEA3BA3F7E561328D40D0
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=0
Frame ID: F0D532296E17661F49AC0A73D937060A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F5E4C0F1514BCCE5C002389CDD61659B
Requests: 1 HTTP requests in this frame

Frame: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
Frame ID: 7A90594AF42397F65104974EEB85E4A8
Requests: 1 HTTP requests in this frame

Frame: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
Frame ID: 88058B84EA4F993042F165F806FBE465
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8C0GhRsYA899gnY5FgXAejPernj4TR3gII15sKZsj2M6yx8CPGBb9clu7Kh5MORrU0L_g6TcyRb66HazCGGkgmwBYheest_EbpOLH7Ebf66QpVh-LkbMGW6EKGGRjSaRoYHPBoLLX6qrfmIkdsV4wWseuO4IlLW6yW8bUIic0aH3G2cP6yNfY_2QuXlSwi8Qi3ZIX4Ko54eDirugerdNqMPps9BMawTj9kXnjZVARZozFiJs_8osEjqX1OrFcaQUY6EWG2Bx7&sai=AMfl-YQt43LQ0M-2fM5o0vGMmU8M5NaXS1ffejBhzoQppf0iiMYPqdqu5T7iP7QxnPfohdn5c5zQZ32pIi9OGNgBayO5ZlA_vTLh1ViO-cwWRA&sig=Cg0ArKJSzEgkoC1tT1q6EAE&urlfix=1&adurl=
Frame ID: 7C2D4729303BF1DD85D2F0693C0A950F
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG-NRFSt35kajWgzsW0wbMFYkA12h3wSTECArxrufm1OKWpJRY7kHeAcqq0o9dp-XNeRkM8BlmmCEjcb8zi8uqZqwB4sdfdCD3Q4G-juOENPwkIgnZ6-vYzf-bwr46rWHgbJeow4iAwSNTxZdp0P7EzVnEsF5tYgEzPDlw_hIjtxS1MCoz41ER7jpu-cbpU9gWsllxLH6xtyv8F5LeNL5Ox2ZavjZopsoHd-bd3yAviQgOvg6ZIKJVUYyNafg3hqWh5Mk4O9N7Tw&sai=AMfl-YR2FNPQF2iTuXIgaC3b6c7p6xX4tkf4x6zwy1Nh7sMuxUMquMgHDKF9dL4vAUFmPQmnXIDJxdGsPUNPhI1S5YZCWApFTnU5kop4HxqDUw&sig=Cg0ArKJSzHu2fiGXjR8jEAE&urlfix=1&adurl=
Frame ID: 7C427F7DBBB83F556C0357399B2A89DE
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZD80O4i5FzrLe3mPRDsGWge14HaPc5EPVjW76x6E0wvYBERguUwPJWb1aNOfmBmjduLuyFB73w3pExaAmMJnH9befEuvUYF059g9xjuleOB8uiyjLsJk1QFd3qRdeRdtwFr5Udaj1Md-6qcKfr0mNs9vvXvGLN9lzbtUkagvx0dwbb5H3DRUZlmnqLOnCmmSJLmjpmXkG2irv0vZvQiON7gmjWuFZSvV5lgFul4SqINaB4ePomZfP0mSwYmgVS_ClySo&sai=AMfl-YQBYPCEhWBh-_i5SIdgDq2X7v_vSGN-KpGtCd1vK-9vRt2BbBqVSRiol_dLZWmQs5bo-2Zhuw5d5aUzOoBCXMcX8y3vOIqIlAQ6lUvCzQ&sig=Cg0ArKJSzPgrc2_9mxg1EAE&urlfix=1&adurl=
Frame ID: CB9DA4E80602E7478454C7FA34592604
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusy035csjQyhakk-z7ZZ6D7oGanaIW38LtZCgJZv2xYHIbMqU6vps_-fub74Y9HusBrkha1mZ2owbbVY32balO1rNTYm2qvX3gWiodIKBqc-re2ZqElAUAZOaqnzZTPqXbSVLqGE4Di1L9EUaxr_udpB1Fb3Rsxdl6NOATYGVcgrrPWMFBbuiGm4kPeE4HFImi5sJW2lCd6TMDxlZFY09GjxN-6Rou4sHoAISMnNQ-s3KG5TFaPA5tuU64oenaHf-dIKgIP7oW3g&sai=AMfl-YSsbcT8PlGaUJ2DPcTbNmKlJ-wksw3RVI4oAirY9iWwPaI6HU4si9jDw9t6bHlsolhfUR5Yx22eJpeAV0L6G40ycA6E9LYnRq6VvbHzKg&sig=Cg0ArKJSzKE95Ana0_7tEAE&urlfix=1&adurl=
Frame ID: 79B359946B643CCA88138CFCCFB47DC1
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BBFD9EAB0FEFF069D51211542A794006
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssccvq-9Dihp5sAS7GwKJV0pos2HXNBKmYIDH0KXDvMvHKPL407Af5qx-znR1VOuR9lm0jsR8vDPXyRk5uYYWVNX36yjDSo9Ply1jTKfsQvLg2SeSlYj9nSLLkTfasuh_FV0VoX2N7rtHs3HzTcmNEk8x-cluEYPfwL0mSoK_BxVUSEd8CBITN7Qi_tcYBYqbNJ1IciwhTxg-m4Ta43APlFUjWGjMS9TbEXqoo9SpZ53zfuERi6gNrL9QBbtkv5J5X-OXau&sai=AMfl-YQN9JIOGnnE01oHKZgDzJO7UFrkzPNPBmgMQUQ8yrmdK11lH4-vtui-2Zc0NoLoMxwc-UhjhGsCohTdRQ4Cny0istw0320_4Gl_3AC7cw&sig=Cg0ArKJSzPFegb8ZzmJUEAE&urlfix=1&adurl=
Frame ID: BA759A28C9BFCB18C43A0B9E8EABCE3C
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuojs6KmAC-87kQD5Z2UZMNkx_CGXZiVOEcWk6ATOPj4b5DKU1oQfdgm06MVBS7Arg5H2Zb0n0f2wyF796YUXWEOOKP4YoxHyFYUfr4nHjY5kpEZmyYO7o3zfEv3HixiHqfntVoSv4ayKEgl1J6Scww4nSJw6EbjB26VTU2dYp6andtGOrvUGdzCUvfNGyp4vNRv2LoIgQzg699GT52W3sZjXEr6hZTVSElQRaQSW6zGv1G9T8WMpKoKcI5NNEpB0L7EP4&sai=AMfl-YTxNE56iXRADmnRR9CJehUtY1Bgym9wB08vzgq7-GrffgZtxldYdceoDzKoGqe7f7jYWyJE4G3D-DLPuWyY6Yo0sHliaZnO70Vk6QJIqg&sig=Cg0ArKJSzMOBXTiYiEGjEAE&urlfix=1&adurl=
Frame ID: B1C446DB502EA7838FBD51DFEBD69E87
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7fdBdyDyRoYgXkUopHI-HSHMFbE40_SwpAE8DmWkCV_70Z_0uleWih-27DJpPpYunzDs0ogC_ZJJHCOTG5HjDH8o70zgyKVCdOOTaXxKJ1YFWPAMtPN1PTpV2ogORYGY-UVIrMn6JMd6hjY836nCIUl4WlRa20_f7VcXVwmOdlvZ387Z3jG7C2IcABSk9TMQT_qdq127Adut4L7u98RkY9-4tONinahzgGt97RcktJItIJLq37aijtyARHcNZlo86qsw7sAIQ&sai=AMfl-YRQ8r-xlMcKGj83pMzv320ZwK9D2nYS3685OIpl8D9sv4psIh4ubftHJSUp2RYkeDqX3Tih1VznuLLObS5l8Tv2Ix8ja3MheuAn_Pe-zA&sig=Cg0ArKJSzBd-lkIJXtT6EAE&urlfix=1&adurl=
Frame ID: 9F68AC053F6836544FD66EA2D085F29C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWoM7nQNFX5Ior8rk6b8mmWqPHDPn_jXoV3kIRK3K7b4w9NXY-QEitj5_vbX7wI_EK49NIatXlA-CX7LQdI-Xv7NplzgYk_ZCcctX5DkDAT2mxnx_yP9IBJsI44RUA6BvDLOvaZ2KE89xUuk3tgV7xf6u8JhahHJhgg2WsOVbB30drUMa_XwGwFNDibHD6yRLHfPnPqC91qLR_LGcRHW6ZQC31CcEQpViNS0DHtXOs9kSAExRR3QY8EbOZZORFX8PjtYnf&sai=AMfl-YSCyTCsX0s7nTTVmW28w7GCJ21pCCiDwRYHhpyR9EubqegYZZkawlygRivCSmKvMBu3rDd43o7H0HjBeJG6Mwi2gzppDrHBgZCGSlfejA&sig=Cg0ArKJSzBzR6CMDaNP3EAE&urlfix=1&adurl=
Frame ID: 5EA113D2FD3D5D2B93A1C9306C32F012
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN-_NsnLFO_WqgOZuOzLkwfW2ZQTfMc87VDlInpa2JslvS75d7ee4wTvX6K1uKwd__J08zo5HeLghxaPF3R_QHZ3oZsdwCjf7ZxDAE5motWIuHklZdjIVTv3GOJxk4ELhAhtraNfuhpDfHx2CEs5yoZQZ4dxqGpTTnfYYBZa0zkPknt886ost31TbRsE1EH7lYfg4fy-NgIQjAX1Bu1O9j--FcNs4ykImuLp4SESqCqI4loly5lPbmUm9otdNZDeMMFs0NH0GV&sai=AMfl-YQFsS8P9HGBkuYU5J9K5GhQ6Dn1kUS5dC06nlxPsltpSoZjY47gQfvrwyyDdaaVt_U6tXJNoVmyrb-X0PJZiEhuKyR3-7140062SuNvtA&sig=Cg0ArKJSzDt9bAJOTZQZEAE&urlfix=1&adurl=
Frame ID: 28A44D911CD87E9FABC80EF5C73E54D6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F3223E70374F56DEFF0F1215D555560
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 450E445C33E7DAE47DDD64004BBFC141
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD875D03176B0F1DEFDE1B3434C2B560
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61225247/20190912072447544/index.html?e=69&leftOffset=0&topOffset=0&c=4zcialji99&t=1&renderingType=2
Frame ID: 54627ED48F9D794B4BBE83A81D5D480F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73FDF60B84CF68AD14B09EDAD65F5DEA
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61234842/20190912072840302/index.html?e=69&leftOffset=0&topOffset=0&c=5WV268Zzpz&t=1&renderingType=2
Frame ID: B575D41F616E9FE14D86694F68579023
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61226303/20190912072502532/index.html?e=69&leftOffset=0&topOffset=0&c=2kS920FJoa&t=1&renderingType=2
Frame ID: 52067A1BFC2976338569F4EE4B48488A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js
Frame ID: 2571A0355C7FC76753C6BA2663E8E9CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html
Frame ID: 0AC73A4F18C24B92A2D095B30EE5CF66
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Frame ID: 4DAC13ECF60A536EB129BD404796C29A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunjTh0FfTjobzfPxECCxczEMyagt-9WQ18Y2k2U7Ma18XxhXPeLCg1WEc6zisYJ0dkTOs5BW8akTUWskyN2Pg5sZ83ZgFtzYtGk9MNe6wSq5swX2s3wafsGhgXyvrpyYzMaPUEaWA85LG0zrXztMgKCk0yPlwfYsplRL1xUpGMWFHsiIZMsV67bGK_TTopE-KAxb40xhi3bmGF3bVT6z7XCeB1nKTfd1cn3V4PHEgOSAfeVfjsZy9eZ8-fW1C7PkWv5G1J1kV4&sai=AMfl-YSqcM7R_ayVdG17m_YrFuQWXF2BGC-KyoQSGOywT5HSuM92VuzCKivrQ2NwQMmze3jFirTaM-D-8FBGmdHUxtnzXHoGIEb_aDFHC2IcQA&sig=Cg0ArKJSzEIU8rGnFvf0EAE&urlfix=1&adurl=
Frame ID: 9F3DF93467C73FEDD2ADE209CBD14BBB
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7QlXBzZYIpSn7452fAS_wozXv1DaJnANCMMV8FBXoSKtVcTN6f9pVonZNo8mI3nvWUgZeASOmTNfR-mv2-ISt8Uojf20ggrPT7ekwuvzeyZFKsKTEjNEuN-rJrHvpQcmgxgooYGoK8_bspjgH_S-pC9ZJ-30gHDUJA5vQhpHp0rBELjXJpJIT9t_RDtmYGYMLU0IOz1eWgZ8zJenyREUItvBHPm7_jYvtzQbf87D6GP4Ut2TpGGw_k-5w_oodUOFTxiYhp7yN&sai=AMfl-YSbjcXEJpCr0a_268tLlhraN4-0JnkT5sfkkXbjErDlF-yIJ7mLw71EcRvyU0ok3yQFjpqEvGkGzfEGdP4hwTjNyBK1cz5tMxmBBf7wQQ&sig=Cg0ArKJSzGNpJV4Uob9DEAE&urlfix=1&adurl=
Frame ID: C0B5865DAB66CAEC960F3AD195275A69
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=1742708721&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&ea=0&flash=0&wgl=1&dt=1568745530820&bpp=15&bdt=1081&fdt=254&idt=254&shv=r20190916&cbv=r20190131&saldr=sa&correlator=3451259352070&frm=23&ife=5&pv=2&ga_vid=1326555442.1568745531&ga_sid=1568745531&ga_hid=166527605&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=18&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3523&biw=1585&bih=1200&isw=300&ish=250&ifk=3897452198&scr_x=0&scr_y=0&eid=21064339%2C21064505&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dvobn4d90bco&fsb=1&dtd=270
Frame ID: BD608D71332536092083730241365F6D
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637040096056673955
Frame ID: 5AD0D8D7C8B173254742506F84969ED6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

438
Requests

99 %
HTTPS

31 %
IPv6

61
Domains

98
Subdomains

78
IPs

6
Countries

6193 kB
Transfer

17219 kB
Size

7
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/10-dangerous-app-vulnerabilities-to-watch-out-for-free-pdf/?ftag=CMG-01-10aaa1b
Title: 10 dangerous app vulnerabilities to watch out for (free PDF)

Search URL Search Domain Scan URL

URL: https://twitter.com/raashidbhatt
Title: Raashid Bhat

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=emotet&f=live
Title: shared on Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/Cryptolaemus1
Title: Cryptolaemus

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=-P3RZ2R4G6I
Title: Who owns your health data? (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/the-best-diy-home-security-systems-of-2019/?ftag=CMG-01-10aaa1b
Title: The best DIY home security systems of 2019 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/whats-powering-the-unlikely-rise-of-the-millionaire-hacker/?ftag=CMG-01-10aaa1b
Title: What's powering the unlikely rise of the millionaire hacker? (TechRepublic)

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cbsinteractive-zdnet&utm_medium=referral&utm_content=alternating-thumbnails-a:ZDNETarticleDesktop/Tablet-Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://responsiblelife.co.uk/rms/?source=TB&medium=1&term=rms-rll-native-desktop-inc&utm_source=taboola&utm_medium=referral&utm_campaign=2431205
Title: Retirement Mortgage Service

Search URL Search Domain Scan URL

URL: http://clickster.io/api/visitors/57ac89e0a38746122f4af882/5c9ce06e85c65534073b3c46/incoming?adi=birthcert&adh=nolifedob42019&addet=birthcert-nolifedob42019&cadid=1TzYqEZ8D5X&appr=lo117_09092019&utm_source=cbsinteractive-zdnet&plcid=1039694&adid=274472782&taboolaclickid=CjAwMWIwNWViMy1iMWU0LTQxM2YtODhkNC0xNDZlZmFhMmM3ODgtdHVjdDQ3YWFkYmESDHNvaG9tZWRpYS1zYw
Title: Finance Daily

Search URL Search Domain Scan URL

URL: https://mackeeper.com/link/6a2a120c-be99-11e9-8c1b-127369ec21d1?c1=fixed?c4=onscreen&tid_ext=1+Important+Trick+Most+Mac+Users+Are+Unaware+of;270658539;1039694;CjAwMWIwNWViMy1iMWU0LTQxM2YtODhkNC0xNDZlZmFhMmM3ODgtdHVjdDQ3YWFkYmESC2tyb21ldGNoLXNj
Title: MacKeeper

Search URL Search Domain Scan URL

URL: https://www.directexpose.com/elvis-presley-never-knew/?utm_source=talas&utm_campaign=A_TS_DE_UK_D_ElvisPresley_v3_0206-Priscilla+Has+Revealed+What+Elvis+Used+To+Ask+Of+Her%2C+And+It%27s+Astonishing-https%3A%2F%2Fstorage.googleapis.com%2Fcaw-uploads%2F153d1219-ab16-4738-a397-7ac38d7aa8c8.png&utm_term=cbsinteractive-zdnet&utm_medium=A_TS_DE_UK_D_ElvisPresley_v3_0206&utm_content=newnext
Title: DirectExpose

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N735221.2069703TABOOLA/B22998161.251586821;dc_trk_aid=447910887;dc_trk_cid=119244865;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?utm_source=taboola&utm_medium=referral&utm_term=cbsinteractive-zdnet
Title: Capital Rise

Search URL Search Domain Scan URL

URL: https://www.nch.com.au/wavepad/index.html?ref=taboola&utm_source=taboola&utm_medium=referral
Title: NCH Software

Search URL Search Domain Scan URL

URL: http://rfvtgb.articlesvally.com/worldwide/oscar-dresses?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-av-oscars-des-uk-safe-msn-15099q&utm_term=cbsinteractive-zdnet
Title: Articles Vally

Search URL Search Domain Scan URL

URL: https://www.top10bestdatingsites.co.uk/?utm_source=taboola&utm_medium=cbsinteractive-zdnet&utm_campaign=T438&a=T438&ts=tabdat&taboola_campaign=1723152&c=176679269&taboolaclickid=CjAwMWIwNWViMy1iMWU0LTQxM2YtODhkNC0xNDZlZmFhMmM3ODgtdHVjdDQ3YWFkYmESFm5hdHVyYWxpbnRlbGxpZ2VuY2Utc2M&campaign_id=1723152&ad_id=176679269&publisher_id=cbsinteractive-zdnet
Title: Top UK Dating Sites

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/Privacy-Policy?categories=CBS_Interactive%3AmPrivacy&template=template_mobilePrivacy&referer=mobileprivacy.com&data=&cfs=default
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/mThird-Party-Social-Networking-Services?template=template_mobilepp&referer=mobilepp.com&data=&cfs=default
Title: Video Services Policy

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=emotet%2C+today%27s+most+dangerous+botnet%2C+comes+back+to+life&assettype=content_article&topicguid=&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&docid=33167553&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fbuild-vs-buy-a-guide-for-customer-identity-and-access-management-german%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&q=&cval=33167553;2150&ttag=&bhid=
Title: Build vs. Buy: A Guide for Customer Identity and Access Management (German)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/company/akamai/
Title: Akamai

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=emotet%2C+today%27s+most+dangerous+botnet%2C+comes+back+to+life&assettype=content_article&topicguid=&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&docid=33165221&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fhow-to-protect-against-10-common-browser-threats-free-pdf%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&q=&cval=33165221;2150&ttag=&bhid=
Title: How to protect against 10 common browser threats (free PDF)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/company/techrepublic/
Title: TechRepublic

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=emotet%2C+today%27s+most+dangerous+botnet%2C+comes+back+to+life&assettype=content_article&topicguid=&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&docid=33167546&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fforrester-report-building-a-customer-obsessed-iam-team-german%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&q=&cval=33167546;2150&ttag=&bhid=
Title: Forrester Report: Building A Customer-Obsessed IAM Team (German)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ZDNet/5953112932
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 116

https://tags.bluekai.com/site/20486?limit=0&id=5978151498357110841&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151498357110841%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=6sE7Bx99999hK%2Fa5&person_id=5978151498357110841&eid=50056

Request Chain 117

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151498357110841 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5ODM1NzExMDg0MRAAGg0It9CE7AUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=4fd0264233b01f7d50f95da392eb8e10a1f2f161900a5c359b26e9a13e671f58f4cb09cee1a4f8eb&person_id=5978151498357110841&eid=50082

Request Chain 118

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498357110841%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498357110841%26eid=50220&mm_bnc&mm_bct&UUID=6b145d81-22b7-4800-ae0d-3418fbc905b8 HTTP 302
https://ml314.com/csync.ashx?fp=6b145d81-22b7-4800-ae0d-3418fbc905b8&person_id=5978151498357110841&eid=50220

Request Chain 119

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498357110841 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498357110841 HTTP 302
https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498357110841

Request Chain 120

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=21d4bDv6pNhyqzpX9RJy9VCPLlX9_fMBwYiL5VVbHAlE&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=21d4bDv6pNhyqzpX9RJy9VCPLlX9_fMBwYiL5VVbHAlE&person_id=5978151498357110841&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 121

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151498357110841&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151498357110841&redir=

Request Chain 148

https://pixel.everesttech.net/4083/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
https://www.everestjs.net/static/pixel_details.html

Request Chain 171

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 177

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=

Request Chain 179

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904&ja=1

Request Chain 185

https://cm.everesttech.net/cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WFlFb09BQUFCRHRwZFphWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&url=/1x1&google_hm=WFlFb09BQUFCRHRwZFphWg&google_tc= HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEOglWoaz0k-YO-fAxfvIMS4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 192

https://www.googleadservices.com/pagead/conversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OSiBXbXoBInx-gbDoKD4Aw&random=1679592691&sscte=1&crd=&gtd= HTTP 302
https://www.google.com/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130 HTTP 302
https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130&ipr=y

Request Chain 203

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=

Request Chain 228

https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_pre=CNexq8DA2OQCFRAs4AodTXAK6A;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=

Request Chain 415

https://tags.bluekai.com/site/20486?limit=0&id=5978151498354675946&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151498354675946%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=mhmBvQ99999fK%2Fa5&person_id=5978151498354675946&eid=50056

Request Chain 416

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151498354675946 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5ODM1NDY3NTk0NhAAGg0IvdCE7AUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=&person_id=5978151498354675946&eid=50082

Request Chain 417

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498354675946%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498354675946%26eid=50220&mm_bnc&mm_bct&UUID=b7f15d81-2273-4200-be6f-034dbfae528d HTTP 302
https://ml314.com/csync.ashx?fp=b7f15d81-2273-4200-be6f-034dbfae528d&person_id=5978151498354675946&eid=50220

Request Chain 418

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498354675946 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498354675946 HTTP 302
https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498354675946

Request Chain 419

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=218mhpPjlMmKCGGfB9GkKysOSSQ4PIuc570xlOSQWdfM&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=218mhpPjlMmKCGGfB9GkKysOSSQ4PIuc570xlOSQWdfM&person_id=5978151498354675946&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

438 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/ 486 KB
112 KB 434ms
348ms Document
text/html 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dac5c247fcf1856ab8a1ac7049b98e5a9f042881c6be1870945bb4b5465d5ae5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=5400, private
x-tx-id: 9efc2b2d-1045-479d-a9a6-026752a50932
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
expires: Tue, 17 Sep 2019 18:51:12 GMT
last-modified: Tue, 17 Sep 2019 17:21:12 GMT
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.zdnet.com
content-encoding: gzip
accept-ranges: bytes
x-akamai-transformed: 9 117450 0 pmb=mTOE,2
date: Tue, 17 Sep 2019 18:38:46 GMT
set-cookie: fly_device=desktop; expires=Tue, 24-Sep-2019 18:38:46 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "gb"}; expires=Tue, 24-Sep-2019 18:38:46 GMT; path=/; domain=.zdnet.com; secure fly_preferred_edition=uk; path=/; domain=.zdnet.com; secure fly_default_edition=uk; path=/; domain=.zdnet.com; secure ak_bmsc=ED4772C9FAF4CBA77999FD2112E232AC48F7B364DA0600003628815DF6315F31~plkvQtedcQuw+lUMshiAYKiFKrBfPggJ8B3d4YbwmiCMDip3SVQDvKyDHswZ3w70RrmANzZ+MN8hOKItA1OPwHKx3EmtyJjWJTesCc6fjm0mzlwUZa5GOzyGMMi5n4xEsvxidvYYEJVrjhrmtAd7hTDhyDMmCdHFyzLvWj+jrGW/Ej/7ph8hcjXPVJeMY/eE2MFedu4pQEX2YvgU7Qg3ewTziDdZ8wGwvwomLlCFUPpCU=; expires=Tue, 17 Sep 2019 20:38:46 GMT; max-age=7200; path=/; domain=.zdnet.com; HttpOnly bm_mi=F2B02F4A161E9CDCEF795FB7B73B0C1B~cqx28Mafi0w6qkp1ZhDg+PEKyvdGcYnMheBcgnD9qVRSe2zNycYSST7LL33HPR7XCNKWHfWD5Tn7wYpkIpZoozFW4WwuuIOFN1Nzbkq68sS1lkTbwigndH65IjmRtavpgPYghZ73ny++SRDiccMAeye4YK7Rkruh27CnMXfjEEpEVllCN3UbL4RN7xB+/+AKiBsHP+6VOMrZmtNub8suhX2Yi+pdnx63HItTlSOzX/YKvPYN7O1CNqQVSm5OwJLoyg+ylJyvoZLo9HvH1hSam/1tOe2nJdeiE5jNOdCTyE/JQHv9UgalC6wPv29ATFqi; Domain=.zdnet.com; Path=/; Max-Age=0; HttpOnly
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 main-0c0ec5e7a8-rev.css
zdnet1.cbsistatic.com/fly/1805-fly/css/core/ 357 KB
65 KB 25ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d235e0475d0e47fa8ac7acb95ae361030406b78b6f8633538593ab77286fda7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93638
status: 200
vary: Accept-Encoding
content-length: 65719
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:26:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb7d3-593a3"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:08 GMT

GET
H2 200 controls-646631ea17-rev.css
zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/ 41 KB
7 KB 20ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-646631ea17-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd97797f3232aac27d57b4b52b6a7f600a9f44d0b4907a07e481a811c87ce352

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93636
status: 200
vary: Accept-Encoding
content-length: 6572
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:27:13 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb7e1-a561"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:09 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 69 KB
14 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58459
status: 200
vary: Accept-Encoding
content-length: 13960
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-1134e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Sep 2019 02:24:27 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 263 B
434 B 121ms
41ms Script
application/x-javascript 23.45.108.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.45.108.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-108-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f889444aff25ca5d87419f5a4abb5531ff5e1824bb4c12b0b4e770686b5551e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 22:22:40 GMT
server: Apache
status: 200
etag: "51ef95ed95600c4c3543a2ed615f4a96:1527718960"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 170

GET
H2 200 snthemes.js Show response
zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 94 KB
8 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/snthemes.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299764
status: 200
vary: Accept-Encoding
content-length: 7763
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:19:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1bb6-177f3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2019 07:17:39 GMT

GET
H2 200 settings.js Show response
zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 33 KB
2 KB 31ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/settings.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576975
status: 200
vary: Accept-Encoding
content-length: 1669
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:04:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d77ad75-828e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 02:22:30 GMT

GET
H2 200 en.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/ 311 KB
14 KB 9ms
9ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/en.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402282
status: 200
vary: Accept-Encoding
content-length: 14353
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:06 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4e-4ddff"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2019 02:54:04 GMT

GET
H2 200 49d6c90a Show response
www.zdnet.com/akam/11/ 32 KB
11 KB 54ms
54ms Script
application/javascript 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/akam/11/49d6c90a

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

cfbc1593f796a187c71f707ae4ea65b43560e8cb7dd238bdd0919b1f87162403

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:36 GMT
etag: "80b6faa95abfffca69b68e99f73047005936c34f455509262c1967022cf6fceb"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 10429

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 910 B
1 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
age: 5444954
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Sep 2018 02:32:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:08:02 GMT

GET
H2 200 emotet.png
zdnet3.cbsistatic.com/hub/i/2019/04/11/1df1f32e-bbc1-4cee-866e-864a7f8f8ea6/22ab8f55a7ad94b7f18c53ab7f2f2b0f/ 25 KB
25 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/2019/04/11/1df1f32e-bbc1-4cee-866e-864a7f8f8ea6/22ab8f55a7ad94b7f18c53ab7f2f2b0f/emotet.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

adfb04b671c5cadeaf8c06da83dc6a65f257af7a3f5c33bb59ced910b6fe1f90

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127236
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 24878
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "c5a4273ee913c53de4b72fadbfc6cb7f"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mag-white01.png
zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/core/ 1 KB
1 KB 6ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93634
status: 200
vary: Accept-Encoding
content-length: 936
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-4f1"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:11 GMT

GET
H2 200 Raleway-Bold.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 51 KB
51 KB 29ms
16ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Bold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
nncoection: close
age: 5445113
status: 200
vary: Accept-Encoding
content-length: 52212
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-cbf4"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 Raleway-Light.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 29ms
17ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Light.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
age: 5445113
status: 200
vary: Accept-Encoding
content-length: 51608
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-c998"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 Raleway-Regular.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 19ms
6ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
age: 4899286
status: 200
vary: Accept-Encoding
content-length: 51572
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jul 2019 16:01:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d35dde5-c974"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jul 2020 01:11:57 GMT

GET
H2 200 regin.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/b0bcf6a6-d5b0-4788-8484-afb528f2f9a8/thumbnail/170x128/94395f77f33706b2913a6537f62020dc/ 18 KB
18 KB 7ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/b0bcf6a6-d5b0-4788-8484-afb528f2f9a8/thumbnail/170x128/94395f77f33706b2913a6537f62020dc/regin.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0821a4e3c939f773991479316a8e6dbbe73959d2a1b2830ddd79567d51b94241

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1787794
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 18503
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "79b8072704504943c4a4e5900945f2a9"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flame.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/8a460c03-f622-45ad-834a-9ca3408f47bf/thumbnail/170x128/ee9fa64f648b0d75e327f56454a1c2c3/ 23 KB
23 KB 13ms
11ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/8a460c03-f622-45ad-834a-9ca3408f47bf/thumbnail/170x128/ee9fa64f648b0d75e327f56454a1c2c3/flame.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

936dc650424e586efd0dd47b9e2073864b0f2d224ba4eeffbe185aabaf545cbf

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1787794
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 23476
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "befa130dcb31961fa251d61e1e6ba0e1"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 stuxnet.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/08/7d9b8688-ae13-49b5-b5e4-525f2ac5ff26/thumbnail/170x128/f3d4e34bb87d561217090fdb4f6d469c/ 27 KB
27 KB 8ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/08/7d9b8688-ae13-49b5-b5e4-525f2ac5ff26/thumbnail/170x128/f3d4e34bb87d561217090fdb4f6d469c/stuxnet.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

29655aa4bb3dca26b3d6a18c3a4aadcf7a6d13718611dc8c12d86f66ebabefe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4591350
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 27363
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1fdd72b9fc6717195f76ea7c0783fa25"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shamoon.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/425ad5e4-30d3-477f-8da5-e3c47a159d00/thumbnail/170x128/2bc57b7723807c22d95a5ecf4a50af7e/ 24 KB
24 KB 18ms
16ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/425ad5e4-30d3-477f-8da5-e3c47a159d00/thumbnail/170x128/2bc57b7723807c22d95a5ecf4a50af7e/shamoon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

12bdb2e244cdb7b686f139afaeb84701747cd38419ac2f5cc44d3805e9034079

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4539862
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 24615
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e1f70e23dce0d941aa028f900244a094"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 triton.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/4e8bc7d3-5907-4c46-b75f-537bb529426e/thumbnail/170x128/2bc866b4f19fe9a7d2bdd1586769b5ac/ 24 KB
24 KB 17ms
16ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/4e8bc7d3-5907-4c46-b75f-537bb529426e/thumbnail/170x128/2bc866b4f19fe9a7d2bdd1586769b5ac/triton.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

443238fc6591bfd1bc56ce75064045ecd9f8619bf2d2b18d8420c4d9b5baa618

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845334
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 24011
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "8f51d048845867380207217d2b5c3156"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ecuador-data-breach.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/09/17/71996cb9-8a95-41cd-afaf-463660269e9a/thumbnail/170x128/30493391bb2e21267a678d91695d4687/ 7 KB
7 KB 23ms
21ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/17/71996cb9-8a95-41cd-afaf-463660269e9a/thumbnail/170x128/30493391bb2e21267a678d91695d4687/ecuador-data-breach.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

769737b0e36daf92a9b050ab0d94b0005182cfb19fdc3f61745c5ad7e3de4c6f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8807
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 6825
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9fa83fec3cf3810e5680ed45f7124dce"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-17-at-16-34-20.png
zdnet3.cbsistatic.com/hub/i/r/2019/09/17/a989f71b-d227-4478-95ad-8ec73619685d/thumbnail/170x128/6a872cb4f0fc9cf1ed6d86a329504e8d/ 44 KB
44 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/17/a989f71b-d227-4478-95ad-8ec73619685d/thumbnail/170x128/6a872cb4f0fc9cf1ed6d86a329504e8d/screenshot-2019-09-17-at-16-34-20.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

295ba7918375b2e8dd196dd0467bbc2c67d3220fdbd3468d699ed8e0f5f4a8a8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10132
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 45149
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "faf5f848713c920a20a582b87c75ef9d"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-845470768.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/08/02/fe1a8e3a-e4ba-44de-9b94-10ca71f90471/thumbnail/170x128/ea1c6af84c2b873b774e4b784c56269b/ 9 KB
9 KB 8ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/08/02/fe1a8e3a-e4ba-44de-9b94-10ca71f90471/thumbnail/170x128/ea1c6af84c2b873b774e4b784c56269b/istock-845470768.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3c4e5d9190758a17654ffba0d04c5a820ba6ed162cd10807e9ccdcb2c20662e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1060887
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 8640
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "29a6aa8af3c942a277478a90aa4cae21"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-17-at-10-37-56.png
zdnet4.cbsistatic.com/hub/i/r/2019/09/17/c93a8c75-848b-4c7f-9360-284089fa96b1/thumbnail/170x128/a8b9b02555a8b45adfddc40b0af63339/ 41 KB
41 KB 23ms
22ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/17/c93a8c75-848b-4c7f-9360-284089fa96b1/thumbnail/170x128/a8b9b02555a8b45adfddc40b0af63339/screenshot-2019-09-17-at-10-37-56.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b8f859b2a0490954900d375eda51f31d6c8bcbc90bc4e6be102295514271bac9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19606
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 41813
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a34335a3bede0f17a7af733b697ad848"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gootkit.png
zdnet1.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/170x128/2ceab5a74f8e7e97a4325360fd2b2e81/ 19 KB
19 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/170x128/2ceab5a74f8e7e97a4325360fd2b2e81/gootkit.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

010ec20667d89c6c6d99390a2a455a95a9db0f47002bbc8730b6f5be20b0df2e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20291
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 19281
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "85aa96d070f948fc891f02bacbddb48f"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-17-at-13-14-34.png
zdnet4.cbsistatic.com/hub/i/r/2019/09/17/5fb8f07e-f9ed-48af-afcc-2bb15017dda6/thumbnail/170x128/79ff0f8653dd20150d619a67cdbafd96/ 59 KB
59 KB 24ms
22ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/17/5fb8f07e-f9ed-48af-afcc-2bb15017dda6/thumbnail/170x128/79ff0f8653dd20150d619a67cdbafd96/screenshot-2019-09-17-at-13-14-34.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9786a4e2b96b8585d2796041fc235f69ecb3b745371b2fa647effbaafac790c2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
age: 22666
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 60358
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "862a8af927652b7b2fbf7128cf6b360f"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-17-at-10-35-24.png
zdnet4.cbsistatic.com/hub/i/r/2019/09/17/95834b58-1b5b-42f0-bf56-a21315b4b7fd/thumbnail/170x128/769332030c408c3dc4431360b436fc9f/ 38 KB
38 KB 17ms
16ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/17/95834b58-1b5b-42f0-bf56-a21315b4b7fd/thumbnail/170x128/769332030c408c3dc4431360b436fc9f/screenshot-2019-09-17-at-10-35-24.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b8c2f45bde4f979653211dd37ee65fd030f2f02a3803108eb189c2203313f0c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
age: 26868
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 38672
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "395fb64a55a3a57fdd9de78e425b9852"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pensivemanlaptopistock-612851322.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/09/04/89d1b067-834a-49af-869c-598239524d03/thumbnail/170x128/3cc69b438816e4d8d9eae8aa111ad0da/ 7 KB
7 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/04/89d1b067-834a-49af-869c-598239524d03/thumbnail/170x128/3cc69b438816e4d8d9eae8aa111ad0da/pensivemanlaptopistock-612851322.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

23331b4f64e824c9ae59d496c6da0fb92d136a414aaa88202284314c01d91b54

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1150135
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 6618
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ae3d525daf92cee0003a7f2d92c34ea3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 watching-eye.jpg
zdnet1.cbsistatic.com/hub/i/r/2017/04/20/96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe/thumbnail/170x128/07c9c9679cb3568dff529d6b1db18f07/ 10 KB
9 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2017/04/20/96cc5dcf-52b3-4a03-bc10-f9f4d0d5adbe/thumbnail/170x128/07c9c9679cb3568dff529d6b1db18f07/watching-eye.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

14fff73cc1b6830fb97fdb96495f9a48090b7b5c98ae028fa36f41a80ea19501

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63772
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 9357
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Oct 2017 16:20:15 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Sep 2020 00:55:35 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/1805-fly/js/libs/ 16 KB
6 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93637
status: 200
vary: Accept-Encoding
content-length: 6305
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:26:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb7d1-3f09"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:09 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 logo.png
zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93635
status: 200
vary: Accept-Encoding
content-length: 4128
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-1009"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:09 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d54f94df1233ab7224af68f63fe3df27584c4c01d70b2e65bcdc774ba05c6b41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vendorlist.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 113 KB
51 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/vendorlist.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399878
status: 200
vary: Accept-Encoding
content-length: 52305
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4f-1c3b9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2019 03:34:06 GMT

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/1805-fly/js/ 209 KB
69 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9129de7e22b312f68817ca6fb8472884ba0fbed5981b2d70872113823ec27438

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93637
status: 200
vary: Accept-Encoding
content-length: 70874
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:26:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb7d3-3442d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:09 GMT

GET
H/1.1 200
OK ls-zdnet.js Show response
js-sec.indexww.com/ht/ 85 KB
26 KB 708ms
634ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 18:35:06 GMT
Server: Apache
ETag: "90456f-15269-592c3fab944fd"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3591
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26184
Expires: Tue, 17 Sep 2019 19:38:38 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 6760 187 KB
55 KB 147ms
68ms Script
application/javascript 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=604800, s-maxage=604800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Timing-Allow-Origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 41 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b845f2d1f90649b1f179899e2655575fe42f844a32206ae95e864c1723541acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "282 / 880 of 1000 / last-modified: 1568744087"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13148
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:46 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
28 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E8) /
Resource Hash: 45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 17:14:55 GMT
Server: ECS (fcn/40E8)
Etag: "2de633c541519a6e0e3cc9b2a90013da+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28608

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 414 KB
117 KB 240ms
151ms Script
application/javascript 143.204.214.33
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.33 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b3ec1cd8d0742d8fe649237a5bdd012339d75738c3f62db356d8a0c59eac24a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 17:46:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: fv-IQ6OehKoofcCk-On3LQd78Ajt43jAnDZKQHYcJYyGRPi0S47d6A==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
expires: Tue, 17 Sep 2019 18:46:45 GMT

GET
H2 200 evidon-banner.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 8 KB
3 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/evidon-banner.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416997
status: 200
vary: Accept-Encoding
content-length: 2440
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4c-1faf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 22:40:17 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/6/1/2/2/ 0
120 B 303ms
102ms Image
text/plain 35.168.89.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/6/1/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.89.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-168-89-158.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 ;ord=1568745526920
ad.doubleclick.net/ddm/ad/lcaregyh/rvkzintn/ 43 B
206 B 45ms
44ms Image
image/gif 172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/lcaregyh/rvkzintn/;ord=1568745526920?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.d6364fae9340b0be5f13818370141fd0.html
platform.twitter.com/widgets/ Frame A2F4 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fwww.zdnet.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4192) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Sep 2019 18:38:46 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 17 Sep 2019 17:14:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4192)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/6/4/2/2/ 0
120 B 273ms
107ms Image
text/plain 35.168.89.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/6/4/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.89.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-168-89-158.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 290ms
119ms Script
application/javascript 35.190.38.167
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://urs.zdnet.com/sdk/urs.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.38.167 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 167.38.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
via: 1.1 google
last-modified: Thu, 07 Feb 2019 14:05:56 GMT
etag: "5c5c3b44-c7f5"
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51189

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 140ms
70ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:47 GMT

GET
H/1.1 200
OK moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js Show response
platform.twitter.com/js/ 24 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 17:14:00 GMT
Server: ECS (fcn/41AF)
Etag: "193d41dde5636e7f143422dcf5051b6d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7914

GET
H/1.1 200
OK tweet.b2d749028be81f16d9cb4994d9692feb.js Show response
platform.twitter.com/js/ 19 KB
7 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.b2d749028be81f16d9cb4994d9692feb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D8) /
Resource Hash: 2137b85fb02da63ebddb0df947618705e590cac29d7dd5e268337e92ebf6751e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 17:14:00 GMT
Server: ECS (fcn/40D8)
Etag: "add928b0d9be8cf878d1c1f13a904301+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6281

GET
H2 200 scrolling-mpu-22779a851e-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 956 B
621 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/scrolling-mpu-22779a851e-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526660
status: 200
vary: Accept-Encoding
content-length: 491
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d77ae21-3bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 16:21:06 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 93 KB
19 KB 290ms
75ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F2EE) /
Resource Hash: 64cfd2a647408273e2609b638b29d1f10370824f0169ee4db637edac660dfb66

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 18:11:12 GMT
server: ECAcc (via/F2EE)
etag: "4063075910"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 19393
expires: Tue, 17 Sep 2019 18:43:47 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
124 B 130ms
129ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1568745527038%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Tue, 17 Sep 2019 18:38:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 53b54ccb72dd96ae3c33363a3f764e74
x-transaction: 00fb1595009421ee
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 43 KB
5 KB 202ms
201ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1057333314896494592%2C1161313895887376384%2C1164902044014194690%2C1173506983997186053%2C1173512556960452608%2C1173517787597172741&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0200

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

5f37ba5dbec53bc9e91c474ddeff2d69b22b7ff005208b0a04150a00449a7eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 4816
x-xss-protection: 0
x-response-time: 178
last-modified: Tue, 17 Sep 2019 18:38:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: 7976be414802db4342e3be0e188a4d70
timing-allow-origin: *
x-transaction: 005aefe7001ed327
expires: Tue, 17 Sep 2019 18:39:47 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6760 2 KB
1 KB 353ms
278ms XHR
application/json 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5229152&v=1.571.0&if=&sl=0&si=572vbgvbhbu-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d31c621bb6f98f0d2f55b5f3b72b82c8c4aaf85a6365eeb21891b1986bde9b31

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 692

GET
H2 200 1f4c9.png
abs.twimg.com/emoji/v2/72x72/ 726 B
898 B 1409ms
1408ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4c9.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

579ae4fc4f4666d0177f25dc10379d7f147353006063a8903599976e3e6526b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
x-content-type-options: nosniff
x-ton-expected-size: 726
x-cache: HIT
status: 200
content-length: 726
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:06 GMT
server: ECS (fcn/40B3)
etag: "Cl9ge58w3w+BkEMBmHp0Qg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2a73c4eee184662ec8436177bec76d88
accept-ranges: bytes
expires: Wed, 16 Sep 2020 18:38:48 GMT

GET
H2 200 1f4c8.png
abs.twimg.com/emoji/v2/72x72/ 727 B
907 B 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4c8.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

72b0d27cb37a1d6380662025e6d8898a27ec53c2735db7f2f2cb10688e4a00fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:05 GMT
x-content-type-options: nosniff
x-ton-expected-size: 727
x-cache: HIT
status: 200
content-length: 727
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:06 GMT
server: ECS (fcn/40DC)
etag: "K1Nz9iTmqEmc8RmP2POJ5A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: e45d2c6a30c174f564b19d26fc654c46
accept-ranges: bytes
expires: Wed, 16 Sep 2020 18:39:05 GMT

GET
H2 200 1f512.png
abs.twimg.com/emoji/v2/72x72/ 411 B
589 B 8ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f512.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

a864d0a8fdb6277ffcc33ee6c1a2e955649958462c04bc407c04b4b1a961cc38

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-ton-expected-size: 411
x-cache: HIT
status: 200
content-length: 411
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECS (fcn/41A4)
etag: "etl6GT5PNovC2CLQM2cuvA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b91da58d8398a0ce4f5b31b97b000e3c
accept-ranges: bytes
expires: Wed, 16 Sep 2020 18:38:47 GMT

GET
H2 200 1f4b0.png
abs.twimg.com/emoji/v2/72x72/ 772 B
964 B 9ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b0.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

356cbaf73b1793d3073c3f153e9b80e6e93793f7dca9e620094ca9abccc8f401

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-ton-expected-size: 772
x-cache: HIT
status: 200
content-length: 772
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECS (fcn/40E7)
etag: "dEBJD21wLvr4rF84v1KofQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: df9a1e592d30f2226c7cfb70c39280b5
accept-ranges: bytes
expires: Wed, 16 Sep 2020 18:38:47 GMT

GET
H2 200 1f3db.png
abs.twimg.com/emoji/v2/72x72/ 508 B
643 B 9ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3db.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

bff5eb66c3c0decba63e447374e2c281f9b23fc9a489230d5c0e93317a2e798f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-ton-expected-size: 508
x-cache: HIT
status: 200
content-length: 508
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECS (fcn/40D7)
etag: "GqVWH4/rPcb+GHTuuP06Xw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 559a7102e170bf53947f5e6613c9e66b
accept-ranges: bytes
expires: Wed, 16 Sep 2020 18:38:47 GMT

GET
H/1.1 200
OK tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 51 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40F7) /
Resource Hash: 82362621d84dafedb468e0a04d88dcc0730114e52b6907a2e89141e7ae379aed

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:05 GMT
Server: ECS (fcn/40F7)
Etag: "98ef2a3a88ab7443920fb6114193c099+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11553

GET
H/1.1 200
OK tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 51 KB
51 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:05 GMT
Server: ECS (fcn/40E3)
Etag: "98ef2a3a88ab7443920fb6114193c099+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11553

GET
H2 200 article-053d18cff6-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 163 KB
46 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-053d18cff6-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

105f3be6891984cd7acbe730e48440d16293d4bf0ec4c5d89ffd3ae869b00047

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93637
status: 200
vary: Accept-Encoding
content-length: 46589
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:27:00 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb7d4-28a7a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:10 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 126ms
38ms Script
application/javascript 151.101.114.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
age: 1766133
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: eFLdg4aPXUFc7W4j8Nhh9UdduMDflMLRIufQ6v/Vh6+pWt+vfGcNnF3gpKRr47exsFfoiPpv1MY=
x-served-by: cache-dca17747-DCA, cache-hhn4050-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1568745527.408509,VS0,VE0
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: F767A360D0453B01
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 16

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 20ms
7ms Script
application/x-javascript 2600:9000:2057:b000:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b000:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:06:23 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 01:56:46 GMT
server: nginx
age: 1943
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QI3vDHNsuzYCqHUVmTDY1BjfyH2RyNoMXWeONS3hQViOlBKvjqQU_Q==
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
expires: Tue, 17 Sep 2019 20:06:23 GMT

GET
H2 200 U2Vdr6oI_normal.jpg
pbs.twimg.com/profile_images/1083854233483399171/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1083854233483399171/U2Vdr6oI_normal.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

cea82d67689c1c17b9ba59f2b218bf4d7c60d660f1dfed642759c08442e0ef06

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 182
surrogate-key: profile_images profile_images/bucket/6 profile_images/1083854233483399171
last-modified: Fri, 11 Jan 2019 22:30:40 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5417698c71c4e4caea8b47ce23c38cab
accept-ranges: bytes

GET
H2 200 GEQ-rZKz_normal.png
pbs.twimg.com/profile_images/1107613521523761153/ 3 KB
3 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1107613521523761153/GEQ-rZKz_normal.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418B) /

Resource Hash

32bd128f9959f9814ed0ffde4a48e3f72d552efa0619675d3c26fa8d8625d30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 3175
x-response-time: 148
surrogate-key: profile_images profile_images/bucket/6 profile_images/1107613521523761153
last-modified: Mon, 18 Mar 2019 12:01:36 GMT
server: ECS (fcn/418B)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 50b1ae2d648042ec354b5f89cbc24a63
accept-ranges: bytes

GET
H2 200 EEknZptXUAEuXL5
pbs.twimg.com/media/ 102 KB
102 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EEknZptXUAEuXL5?format=png&name=small

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

a79cf077a5bb7210d86f235480b05e6c6260fafcb7a57eb9c8cfff5ab6fe8240

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 104473
x-response-time: 125
surrogate-key: media media/bucket/0 media/1173512499553062913
last-modified: Mon, 16 Sep 2019 08:20:37 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d4e4125425b25786a7b588bda5020494
accept-ranges: bytes

GET
H2 200 LN3vmn2K_normal.jpg
pbs.twimg.com/profile_images/992727929074475008/ 2 KB
2 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/992727929074475008/LN3vmn2K_normal.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418A) /

Resource Hash

e4ab4a6bcf67f50610fb39af3ab7afb69b1daf39b641e1b046d01372287b70fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 151
surrogate-key: profile_images profile_images/bucket/9 profile_images/992727929074475008
last-modified: Sat, 05 May 2018 11:27:16 GMT
server: ECS (fcn/418A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1f88b25957ef25ff1807ca60334d9858
accept-ranges: bytes

GET
H2 200 1afd1cca1054b9022963ebeb36ca4d70_normal.png
pbs.twimg.com/profile_images/3311140912/ 7 KB
7 KB 8ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3311140912/1afd1cca1054b9022963ebeb36ca4d70_normal.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4184) /

Resource Hash

b879d81f28b7aa37772d874d373ccebc1c929a5b97f1ec1c02ee742a4c4df102

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 136
surrogate-key: profile_images profile_images/bucket/1 profile_images/3311140912
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4184)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8d4db818d3a98071090bfba6d31bc943
accept-ranges: bytes

GET
H2 200 8yfjcajj_normal.jpg
pbs.twimg.com/profile_images/923217345971068929/ 2 KB
2 KB 11ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/923217345971068929/8yfjcajj_normal.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

718e2dcce3a93a8b2df28c60bd36644af8d45c7c93c048c4621317027dc8add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2187
x-response-time: 245
surrogate-key: profile_images profile_images/bucket/3 profile_images/923217345971068929
last-modified: Wed, 25 Oct 2017 15:57:02 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c2c1e0a2da80d34f8c69ee870ae5c54
accept-ranges: bytes

GET
H2 200 DqxnC_NWsAgX_2A
pbs.twimg.com/media/ 52 KB
52 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DqxnC_NWsAgX_2A?format=jpg&name=small

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

817eef99708866afd3c46c521381bd5158c13b572ff0832d16889df14c1c1057

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 52776
x-response-time: 376
surrogate-key: media media/bucket/5 media/1057333313550069768
last-modified: Tue, 30 Oct 2018 18:06:00 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d3a97c244e27a481f70c6f58f482b9e8
accept-ranges: bytes

GET
H2 200 j8XKLVA0_normal.jpg
pbs.twimg.com/profile_images/1158493587484696576/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1158493587484696576/j8XKLVA0_normal.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

1bf7f942638a5a657d1fa10cd2e2e50f6d78cba23e60e61393191330fae38d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 187
surrogate-key: profile_images profile_images/bucket/0 profile_images/1158493587484696576
last-modified: Mon, 05 Aug 2019 21:40:49 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: abbbb6c4fe72774df8b05021f5f4875c
accept-ranges: bytes

GET
H2 200 MZcvnhsY_normal.jpg
pbs.twimg.com/profile_images/901783088908394496/ 2 KB
2 KB 175ms
174ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/901783088908394496/MZcvnhsY_normal.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

bc740c3112caddaec0203f975f014756ba0aad2b52b76029e0752193bfa2829d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1655
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/8 profile_images/901783088908394496
last-modified: Sun, 27 Aug 2017 12:24:57 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d4fd0719d79cb41182bb063d7432510f
accept-ranges: bytes

GET
H2 200 EB3Q1PQXUAAQiiw
pbs.twimg.com/media/ 68 KB
68 KB 26ms
26ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EB3Q1PQXUAAQiiw?format=png&name=small

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

22db8f5dcc6495cdd131e21af3db2398cbab79988c2c62bd476819da7cecf127

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 69310
x-response-time: 120
surrogate-key: media media/bucket/9 media/1161313891978268672
last-modified: Tue, 13 Aug 2019 16:27:42 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e535c100944ec87aac1bd0207f5f5ef3
accept-ranges: bytes

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 12 KB
5 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361156
status: 200
vary: Accept-Encoding
content-length: 4877
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:08 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c50-2fdf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2019 14:19:30 GMT

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 pixel_49d6c90a Show response
www.zdnet.com/akam/11/ 0
572 B 79ms
79ms XHR
text/html 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/akam/11/pixel_49d6c90a

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:47 GMT
status: 200
vary: Accept-Encoding, User-Agent
content-type: text/html
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
expires: Tue, 17 Sep 2019 18:38:47 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 297ms
99ms Image
image/gif 54.86.174.228
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=zdnet.com&p=%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&u=CmJd_bCX2bjkJZiXj&d=zdnet.com&g=65713&g0=security&g1=catalin%20cimpanu&n=1&f=00001&c=0&x=0&m=0&y=5340&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1355&t=Bi7POWBF-_a1Ce4wgYCNkMttFb5gD&V=116&i=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&tz=-120&_acct=anon&sn=1&sv=D5U8gwCob7seb058OCTKq0DJ827H&sd=1&im=067b2ff3&_
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.174.228 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-86-174-228.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 17 Sep 2019 18:38:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK isInternalUser.js Show response
iicbsi-a.akamaihd.net/common/js/esi/ 22 B
272 B 28ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://iicbsi-a.akamaihd.net/common/js/esi/isInternalUser.js?cb=cbsiInternal
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Cache-Control: max-age=139594
Server: AkamaiNetStorage
Connection: keep-alive
ETag: "fb25287978f1b619e801f164a2dfd9ea:1473886414"
Content-Length: 22
Content-Type: application/x-javascript

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 61ms
24ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 84196
cf-ray: 517d32fab88ccbcc-VIE
status: 200
content-length: 27719
x-amz-id-2: HNEV4caKoOdziBrXGZIDp4CzG6boiBMb4TLu65nU6otYm4+p2OQwr1vWix1CX0FBodMy916W6w4=
last-modified: Mon, 16 Sep 2019 19:15:01 GMT
server: cloudflare
etag: "1545d811432c0074356408ee8f6c1e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB54A2C70C0BB866
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 17 Sep 2019 19:08:47 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 201ms
201ms XHR
application/json 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1568745527443&s=5a5814d587bd2fc94c0814eb53c6d46deb189323b55677bc08592b17827bea54
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb1e86a5c01f5d3640bfcb13ec8b0528c5cb205839bf3c6e59b2d16018fe118e

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 800

GET
H2 200 utag.1779.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 3 KB
2 KB 74ms
73ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1779.js?utv=ut4.43.201812051842
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F38F) /
Resource Hash: cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:57 GMT
server: ECAcc (via/F38F)
etag: "392561602+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1785
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1782.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 77ms
76ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F2B8) /
Resource Hash: 791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Mon, 29 Oct 2018 17:20:42 GMT
server: ECAcc (via/F2B8)
etag: "3447796852"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1071
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1787.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 142 KB
48 KB 77ms
76ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F37A) /
Resource Hash: 95ec4dea002be118a633dc5070c23358d10e179ad3de44f23ac97578c6971df7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 18:05:01 GMT
server: ECAcc (via/F37A)
etag: "3504427907"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 48569
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1790.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
958 B 125ms
124ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F38E) /
Resource Hash: 10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECAcc (via/F38E)
etag: "2267415266"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 872
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1791.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 125ms
125ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1791.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F352) /
Resource Hash: 7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECAcc (via/F352)
etag: "3334871598+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1196
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1792.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 4 KB
2 KB 73ms
73ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1792.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F2E3) /
Resource Hash: dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2016 14:28:47 GMT
server: ECAcc (via/F2E3)
etag: "2022868805+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1664
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H2 200 utag.1797.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
968 B 74ms
73ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F357) /
Resource Hash: 3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: gzip
last-modified: Wed, 25 Jan 2017 20:07:58 GMT
server: ECAcc (via/F357)
etag: "1907756232"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 883
expires: Wed, 02 Oct 2019 18:38:47 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 6E6D
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.zdnet.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Sep 2019 18:38:47 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B5)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 17 Sep 2019 18:38:47 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 17 Sep 2019 18:38:47 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 53b54ccb72dd96ae3c33363a3f764e74
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 140
x-transaction: 0076273200190793
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
103 B 36ms
35ms Image
image/gif 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=8.599378856625197
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
cf-cache-status: HIT
age: 15
cf-ray: 517d32faf974cbcc-VIE
status: 200
content-length: 43
x-amz-id-2: HrrKeHwcpae7WIw2OrZ71qNBKOTtGe87zi7c46ReqYsyaDilbmLNVsrHM//KTvEu+OHWwIYX9P0=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BCF6197221BF5488
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
265 B 28ms
28ms Image
image/gif 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=8.599378856625197
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
cf-cache-status: HIT
age: 15
cf-ray: 517d32faf977cbcc-VIE
status: 200
content-length: 43
x-amz-id-2: HrrKeHwcpae7WIw2OrZ71qNBKOTtGe87zi7c46ReqYsyaDilbmLNVsrHM//KTvEu+OHWwIYX9P0=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BCF6197221BF5488
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-type: image/gif

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 8B4A 326 B
548 B 64ms
22ms Script
application/javascript 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568745527593&lv=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75b2131cd274a3c76482b9cc3283624cb3f7a742543cca6ea75aa064bf7eb2c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 332695
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 517d32fbd8638c74-VIE

GET
H/1.1 200
OK st.v3.js Show response
www.everestjs.net/static/ 25 KB
7 KB 118ms
38ms Script
application/x-javascript 184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/st.v3.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3624e97a6a4f6fb481369929e579039d00be03b0a2e5d1f5f961c44dfd98940c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Aug 2019 09:05:18 GMT
Server: Apache
ETag: "1ff0663-624a-58fe7d2af0fea"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=52304
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7175
Expires: Wed, 18 Sep 2019 09:10:31 GMT

GET
H2 200 cbsinteractive.js Show response
tru.am/scripts/custom/ 3 KB
1 KB 236ms
183ms Script
text/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/cbsinteractive.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885fb8b9c3d2738bd627def3899f26d4d42641bbb868cc99d1fbc16f0ed9f4c6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: AEnB2UpEK2_UGmVNQ5OFUmEABdSC4UrRYJlOwgL5Up_y001sLjD4pCFGdc1vgLYy8eeaL8wSCfwz_OBaoxWVJcVwie6iieQkHQ
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Tue, 30 Apr 2019 19:32:26 GMT
server: cloudflare
etag: W/"c486c91d1321adf59073588524182108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=9gbW7g==, md5=xIbJHRMhrfWQc1iFJBghCA==
x-goog-generation: 1556652746634603
cache-control: public, max-age=86400
x-goog-stored-content-length: 2725
cf-ray: 517d32fbe944cba4-VIE
expires: Wed, 18 Sep 2019 18:38:47 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 138ms
38ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1782019
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Sep 2019 23:27:23 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=17316
Connection: keep-alive
Content-Length: 11933
Expires: Tue, 17 Sep 2019 23:27:23 GMT

GET
H/1.1 200
OK anonc.js Show response
dw.cbsi.com/ 73 B
620 B 478ms
152ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/anonc.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: 0cc13558a456e010a247dc22826d9893e0a0a726cb75c89d59e29e73635dcda1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: Apache/2.4.25
Etag: SQA0b12BKDi2Umx4tF8.1.dw_anonc
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-control: private, max-age=43200, s-max-age=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=80, max=659
Content-Length: 73
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H/1.1 200
OK ds.js Show response
dw.cbsi.com/js/cbsi/ 18 KB
7 KB 488ms
154ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/js/cbsi/ds.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2017 19:06:40 GMT
Server: Apache/2.4.25
ETag: "1917-55916dc13f000"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200, s-maxage=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=360
Content-Length: 6423
Expires: Tue, 17 Sep 2019 19:08:48 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
536 B 103ms
34ms XHR
application/json 52.215.98.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184216
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.98.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-215-98-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7aae10b3b9001b13836b916767226a56e4ff139b114675d226e4234fd78c8f15

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 17 Oct 2019 18:38:47 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 8B4A 764 KB
125 KB 21ms
21ms Script
application/javascript 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568745527593&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cee1c5841cb5b83de3d871d70b1e3e5b1e98630fa8e34b0379f0e7bb8bdee32

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 6+vzNKuuA0u2oqezIey4/g==
age: 332692
cf-polished: origSize=1197238
status: 200
last-modified: Fri, 13 Sep 2019 22:13:26 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 0fe1f9d9-d01e-008e-2d80-6a1a60000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 517d32fbf87f8c74-VIE
expires: Wed, 16 Sep 2020 18:38:47 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 21ms
21ms Stylesheet
text/css 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637040096056673955
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 332687
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: c3ff4551-101e-005f-1e80-6aa73f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 517d32fc68e78c74-VIE
expires: Wed, 16 Sep 2020 18:38:47 GMT

GET
H2 200 ls.html
www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame AAF5 0
0 36ms
36ms Document
text/html 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637040096056673955
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.lightboxcdn.com
:scheme: https
:path: /lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637040096056673955
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
cookie: __cfduid=dc1fea4de1db8166763ee2568e060803b1568745527
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
date: Tue, 17 Sep 2019 18:38:47 GMT
content-type: text/html
content-md5: xa1/rdPe0J6SwxlD7atkzw==
last-modified: Fri, 13 Sep 2019 22:13:25 GMT
x-ms-request-id: 15ac8443-b01e-00d1-6193-6ce89e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 104673
expires: Wed, 16 Sep 2020 18:38:47 GMT
cache-control: public, max-age=31536000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 517d32fc68ee8c74-VIE
content-encoding: br

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
273 B 19ms
18ms Image
image/gif 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1568745527739&h=www.zdnet.com&e=p&u=40913
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:47 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 992254
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 517d32fc68ed8c74-VIE
cf-bgj: imgq:85

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 906 B
1 KB 36ms
36ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50070&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&pv=1568745527746_uskk5ec3w&bl=en-us&cb=4469979&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D%5BPersonID%5D%26redir%3D&ht=&d=&dc=&si=1568745527746_uskk5ec3w&cid=2deadd63-948e-47d6-8788-a047a60ccf51&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1782019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7abe32cf2c27fade8cb728fe70119cb419ff71af3a93634a7d2d27a3d462421

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:46 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 520
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
698 B 463ms
173ms Script
application/javascript 35.175.13.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1782019
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1782019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.13.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-175-13-58.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 138
Expires: Wed, 18 Sep 2019 18:38:48 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151498357110841&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151498357110841%26eid=50056
https://ml314.com/csync.ashx?fp=6sE7Bx99999hK%2Fa5&person_id=5978151498357110841&eid=50056

43 B
312 B

36ms
35ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6sE7Bx99999hK%2Fa5&person_id=5978151498357110841&eid=50056
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:48 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=6sE7Bx99999hK%2Fa5&person_id=5978151498357110841&eid=50056
Date: Tue, 17 Sep 2019 18:38:48 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: b27e
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151498357110841
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5ODM1NzExMDg0MRAAGg0It9CE7AUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=4fd0264233b01f7d50f95da392eb8e10a1f2f161900a5c359b26e9a13e671f58f4cb09cee1a4f8eb&person_id=5978151498357110841&eid=50082

43 B
312 B

75ms
33ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=4fd0264233b01f7d50f95da392eb8e10a1f2f161900a5c359b26e9a13e671f58f4cb09cee1a4f8eb&person_id=5978151498357110841&eid=50082
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:48 GMT

Redirect headers

date: Tue, 17 Sep 2019 18:38:48 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=4fd0264233b01f7d50f95da392eb8e10a1f2f161900a5c359b26e9a13e671f58f4cb09cee1a4f8eb&person_id=5978151498357110841&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498357110841%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498357110841%26eid=50220&mm_bnc&mm_bct&UUID=6b145d81-22b7-4800-ae0d-3418fbc905b8
https://ml314.com/csync.ashx?fp=6b145d81-22b7-4800-ae0d-3418fbc905b8&person_id=5978151498357110841&eid=50220

43 B
312 B

59ms
35ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6b145d81-22b7-4800-ae0d-3418fbc905b8&person_id=5978151498357110841&eid=50220
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:48 GMT

Redirect headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: MT3 1710 796a9e3 master zrh-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=6b145d81-22b7-4800-ae0d-3418fbc905b8&person_id=5978151498357110841&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 17 Sep 2019 18:38:47 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498357110841
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498357110841
https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498357110841

43 B
312 B

34ms
33ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498357110841
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:47 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:47 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498357110841
Cache-Control: no-cache
X-Server: 10.45.4.60
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=21d4bDv6pNhyqzpX9RJy9VCPLlX9_fMBwYiL5VVbHAlE&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=21d4bDv6pNhyqzpX9RJy9VCPLlX9_fMBwYiL5VVbHAlE&person_id=5978151498357110841&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

57ms
55ms

Image
image/gif

18.195.52.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.195.52.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-52-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Wed, 18 Sep 2019 14:38:48 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151498357110841&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151498357110841&redir=

42 B
776 B

41ms
40ms

Image
image/gif

52.208.194.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151498357110841&redir=
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.194.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-194-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-0f5851a1c.edge-irl1.demdex.com 5.59.0.20190904135845 5ms (+0ms)
Pragma: no-cache
X-TID: t4BMqzGtRTw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: /WCUDtenSIQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151498357110841&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content / Show response
5f651e72.akstat.io/ 0
354 B 166ms
83ms XHR
image/gif 23.38.58.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://5f651e72.akstat.io/?h.pg=article&when=1568745527797&t_other=custom4%7C438&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=f44af1b5940e6d8b63115d9bc70f13ce48b57bd4&h.t=1568745527542&http.initiator=api&rt.start=api&rt.si=1fb3a087-a735-4c28-8cf5-911032a8aad6&rt.ss=1568745528818&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.249 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Tue, 17 Sep 2019 18:38:47 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 35 KB
12 KB 27ms
26ms Script
application/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/cbsinteractive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Apr 2019 03:51:14 GMT
server: cloudflare
age: 3740
etag: W/"942d5ae1e512ccdf18813550428dd002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 517d32fd1dedcba4-VIE
expires: Wed, 18 Sep 2019 18:38:47 GMT

GET
H/1.1 200
OK z Show response
lightboxapi2.azurewebsites.net/z9l/40913/www.zdnet.com/jsonp/ 331 B
572 B 544ms
131ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi2.azurewebsites.net/z9l/40913/www.zdnet.com/jsonp/z?cb=1568745527869&callback=jQuery171035659764389448045_1568745527733&_=1568745527870
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 65a559cd5d7c7a102e987ccfca22835b724c4229667f8c5e95ddefd3f2f8f50b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 359
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 z.gif Show response
api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQO... 183 B
579 B 69ms
23ms XHR
application/javascript 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQOWAAzWACIXQNjIA__XZX/z.gif
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba

Request headers

Accept: */*
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Sep 2019 18:38:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 22797
x-powered-by: ASP.NET
status: 200
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 517d32fd8859cb98-VIE
expires: Wed, 18 Sep 2019 18:38:47 GMT

POST
H2 200 beacon Show response
beacon.tru.am/ 0
333 B 230ms
160ms Fetch 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:48 GMT
via: 1.1 google
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, private, max-age=0
cf-ray: 517d32fdb92ecb98-VIE
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 265 B
945 B 152ms
40ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 912ba37ae19990d75014083a4f7bb4b2c50acd914b8e673dbead20612e28817d

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 265
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 103ms
39ms XHR
application/json 52.208.194.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&ts=1568745528101
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.194.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-194-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2aad6f9d3c9047f94d7785f36c599e2b0772fb63e505dd959681e07a66306815

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v042-0f8e42c3e.edge-irl1.demdex.com 5.59.0.20190904135845 5ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: +avcDO8XS88=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 673
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
139 B 72ms
71ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cbsi/zdnetglobalsite/201909161811&cb=1568745528102
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F385) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (via/F385)
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 17 Sep 2019 18:48:48 GMT

GET
H/1.1 200
OK c.gif
dw.cbsi.com/clear/ 42 B
346 B 154ms
154ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/clear/c.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&assettitle=emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life&assettype=content_article&pubdate=2019-09-16%2011%3A51%3A00&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&ts=1568745528105&ld=www.zdnet.com&ldc=5fe1b771-b1b0-4e05-bffe-bc42b902e27d&brwinsz=1600x1200&brscrsz=1600x1200&brlang=en-US&tcset=utf8&im=dsjs&clgf=SQA0b12BKDi2Umx4tF8&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&title=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Keep-Alive: timeout=80, max=882
Content-Length: 42
Expires: Mon, 05 Jan 1970 12:12:12 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 76 B
521 B 36ms
36ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b516672147ee7925112e7db3275460befd13901c7a3f9f21ba6d100929f89766

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 76
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cbsi.demdex.net/ Frame F8F4 0
0 143ms
35ms Document
text/html 52.31.175.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-175-110.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cbsi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=83153696841002058541225469411765512245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 10 Sep 2019 14:26:27 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=83153696841002058541225469411765512245;Path=/;Domain=.demdex.net;Expires=Sun, 15-Mar-2020 18:38:48 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: EorRuAE8RXM=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK id Show response
saa.cbsi.com/ 90 B
713 B 421ms
98ms XHR
application/x-javascript 52.0.145.219
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://saa.cbsi.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&mid=83006028943439647741249246551671844173&ts=1568745528210
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.145.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-145-219.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: 33847eff64e6cb7a791652e196aede732fc9a8fc17845f7ca6ae9f3ebe8d1084

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: Omniture DC
xserver: www268
Vary: Origin
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 90

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 70ms
42ms XHR
application/json 52.208.194.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&d_mid=83006028943439647741249246551671844173&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012EC0941C052CA904-600029C1A00D5144&ts=1568745528633
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.194.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-194-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 51eab6e96e931e1db5730d06fa882b76dd127b89dcb318fb16d41511d172156f

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v042-0e202faf3.edge-irl1.demdex.com 5.59.0.20190904135845 8ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: h75LvpQfQ0Q=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 673
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-1130.min.js Show response
js-agent.newrelic.com/ 24 KB
10 KB 38ms
37ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1130.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-amz-request-id: 8174A4BD27442C39
x-cache: HIT
status: 200
content-length: 9407
x-amz-id-2: okRb4AqloAZZ3+qaWnpqMQYC7hkPpbr/Yrluzst01SO9f1ckk5T9tspUtBHMBazVI7CvXAVZCdo=
x-served-by: cache-fra19152-FRA
last-modified: Tue, 09 Jul 2019 23:52:06 GMT
server: AmazonS3
x-timer: S1568745529.677962,VS0,VE0
etag: "73f8857196b9ef7fd3b302cbc557b8ac"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 19100

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
677 B 91ms
28ms XHR
text/html 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834629&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=Lo4jo1vd&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
X-Proxy-Origin: 89.34.96.84; 89.34.96.84; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid: 7db5fdc6-8c4e-44fd-b014-c79acaac21b2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
677 B 98ms
35ms XHR
text/html 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834625&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=fSojeiGh&psa=0&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
X-Proxy-Origin: 89.34.96.84; 89.34.96.84; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: a5e2ba97-9350-40a1-b023-01c20699d242
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
677 B 93ms
30ms XHR
text/html 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834627&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=r2CApeAD&psa=0&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
X-Proxy-Origin: 89.34.96.84; 89.34.96.84; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 91e1b0f2-33f3-4341-88e3-179a48821278
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
677 B 99ms
37ms XHR
text/html 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834631&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=Duk2H8n7&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
X-Proxy-Origin: 89.34.96.84; 89.34.96.84; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: 43ef92cb-b3c0-4a16-8347-71b23872af59
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
678 B 99ms
38ms XHR
text/html 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834632&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=z2wworaJ&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
X-Proxy-Origin: 89.34.96.84; 89.34.96.84; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 7419ef16-f29e-4932-8ca4-867b7bc9bc0e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 66 B
943 B 338ms
267ms XHR
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7.2&s=182823&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A45988346%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22202%22%2C%22siteID%22%3A%22182829%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22220%22%2C%22siteID%22%3A%22183316%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22209%22%2C%22siteID%22%3A%22182828%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22210%22%2C%22siteID%22%3A%22182826%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22208%22%2C%22siteID%22%3A%22182824%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22222%22%2C%22siteID%22%3A%22182825%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22219%22%2C%22siteID%22%3A%22183315%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22201%22%2C%22siteID%22%3A%22182823%22%7D%2C%22id%22%3A%228%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220f18fcb7-0103-45d3-a555-fca08ffd1b9f%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222019-09-17T18%3A38%3A47%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dc26d8c468dc588b6ccc8bba66b3a106a0d5ab062bade96087d2d0291ba601f3

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 86
Expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 26ms
26ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 84197
cf-ray: 517d33026ce1cbcc-VIE
status: 200
content-length: 27719
x-amz-id-2: HNEV4caKoOdziBrXGZIDp4CzG6boiBMb4TLu65nU6otYm4+p2OQwr1vWix1CX0FBodMy916W6w4=
last-modified: Mon, 16 Sep 2019 19:15:01 GMT
server: cloudflare
etag: "1545d811432c0074356408ee8f6c1e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB54A2C70C0BB866
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 17 Sep 2019 19:08:48 GMT

GET
H2 200 utag.1775.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 26 KB
9 KB 76ms
76ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1775.js?utv=ut4.43.201909161811
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F35E) /
Resource Hash: 0f4176807e149be9c6cc0e583699fffe630cccb37e57242ce5a7b1f7d63d859d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2016 20:41:55 GMT
server: ECAcc (via/F35E)
etag: "1112944691"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 8960
expires: Wed, 02 Oct 2019 18:38:48 GMT

GET
H2 200 utag.277.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
947 B 77ms
77ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.277.js?utv=ut4.43.201909161811
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F372) /
Resource Hash: 0e13cd6845611f0c419398a75b85ba014a7fffb1b9e9575c2e1b4cfefebd0017

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:58 GMT
server: ECAcc (via/F372)
etag: "461771432"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 863
expires: Wed, 02 Oct 2019 18:38:48 GMT

GET
H2 200 utag.1772.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 77ms
77ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1772.js?utv=ut4.43.201909161811
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F298) /
Resource Hash: e482ba089d973ca257acfd70b2d7541447d5d333449b106d5c3dffebe322566a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:58 GMT
server: ECAcc (via/F298)
etag: "4198895974+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 959
expires: Wed, 02 Oct 2019 18:38:48 GMT

GET
H2 200 utag.1796.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 8 KB
3 KB 96ms
96ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1796.js?utv=ut4.43.201909161811
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F2C3) /
Resource Hash: 9337d4f2ef8a00759da573e178e302712fec944ac54cfd808f48c526b9816d3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2016 15:09:53 GMT
server: ECAcc (via/F2C3)
etag: "931235332"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2762
expires: Wed, 02 Oct 2019 18:38:48 GMT

GET
H2 200 utag.1810.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 96ms
96ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1810.js?utv=ut4.43.201909161811
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (via/F3AB) /
Resource Hash: 07178558c596bc2fe33d99750a349d5413fa4571fc778cefbe4f4f367404f6d6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
last-modified: Mon, 08 Jul 2019 17:22:10 GMT
server: ECAcc (via/F3AB)
etag: "4274102907"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 988
expires: Wed, 02 Oct 2019 18:38:48 GMT

GET
H/1.1

200
OK

pixel_details.html
www.everestjs.net/static/ Frame 8325
Redirect Chain

https://pixel.everesttech.net/4083/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCook...
https://www.everestjs.net/static/pixel_details.html

0
0

39ms
39ms

Document
text/html

184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/pixel_details.html
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: www.everestjs.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

Server: Apache
Last-Modified: Tue, 04 Oct 2011 16:14:21 GMT
ETag: "8623-a6-4ae7b62583140"
Accept-Ranges: bytes
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 146
Cache-Control: max-age=49956
Expires: Wed, 18 Sep 2019 08:31:24 GMT
Date: Tue, 17 Sep 2019 18:38:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: Apache
Set-Cookie: everest_session_v2=XYEoOAAABDtpdZaZ; path=/; domain=.everesttech.net everest_g_v2=g_surferid~XYEoOAAABDtpdZaZ; path=/; domain=.everesttech.net; expires=Thu, 12-Aug-2021 05:18:48 GMT
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://www.everestjs.net/static/pixel_details.html#google=XYEoOAAABDtpdZaZ&gsurfer=XYEoOAAABDtpdZaZ&optout=0&throttleCookie=&time=20190917183848
Content-Length: 345
Keep-Alive: timeout=15, max=995308
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Cookie set dest5.html
cbsi.demdex.net/ Frame F0D5 0
0 104ms
36ms Document
text/html 52.31.175.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cbsi.demdex.net/dest5.html?d_nsid=0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-175-110.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cbsi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=83153696841002058541225469411765512245; dextp=269-1-1568745528371|477-1-1568745528472|771-1-1568745528572|22052-1-1568745528673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 10 Sep 2019 14:25:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=83153696841002058541225469411765512245;Path=/;Domain=.demdex.net;Expires=Sun, 15-Mar-2020 18:38:48 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: dt7P5Cr1SAc=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK s47021169576942 Show response
saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/ 2 KB
2 KB 402ms
402ms Script
application/x-javascript 52.0.145.219
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/s47021169576942?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=17%2F8%2F2019%2020%3A38%3A48%202%20-120&d.&nsid=0&jsonv=1&.d&mid=83006028943439647741249246551671844173&aid=2EC0941C052CA904-600029C1A00D5144&aamlh=6&ce=UTF-8&ns=cbsinteractive&pageName=zdnet%3A%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&g=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&cc=USD&ch=editorial&server=www.zdnet.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=zdnet&v1=zdnet&h1=editorial%7Carticle&c2=D%3Dv2&v2=uk&l2=113c25b6-ec91-11e3-95d2-02911863765e&c3=D%3Dv3&v3=responsive%20web%7Cdesktop&l3=85fd8691-f525-4ea2-a601-af296f629f7f&c4=D%3Dv4&c5=D%3Dv5&v5=cnetzdnetglobalsite&c6=D%3Dv6&v6=editorial%7Carticle&c7=D%3Dv7&v7=D%3Dg&c8=D%3Dv8&v8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c9=D%3DUser-Agent&c10=D%3Dv10&v10=article&c11=D%3Dv11&v15=not%20authenticated%7Canon&c20=D%3Dv20&v20=emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life&c22=D%3Dv22&v22=content_article&c23=D%3Dv23&v23=113c25b6-ec91-11e3-95d2-02911863765e&c24=D%3Dv24&v24=2deadd63-948e-47d6-8788-a047a60ccf51&c25=D%3Dv25&c26=D%3Dv26&c28=D%3Dv28&c30=D%3Dv30&v30=4f29584f-9b66-438c-b15b-0640eecb2c31&c31=D%3Dv31&c33=D%3Dv33&c34=D%3Dv34&c35=D%3Dv35&v35=SQA0b12BKDi2Umx4tF8&c44=D%3Dv44&v44=zdnet&c50=D%3Dv50&c51=D%3Dv51&c52=D%3Dv52&c53=D%3Dv53&c54=D%3Dv54&c65=D%3Dv65&v65=discover&c69=D%3Dv69&v85=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&AQE=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.145.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-145-219.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: 1357ab9629c305fb54d1de98d95d8af60c362017220a98788cf21161b88f5312

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-AAM-TID: oED/OAK+Q+Y=
Date: Tue, 17 Sep 2019 18:38:48 GMT
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 1598
DCS: dcs-prod-irl1-v042-03bd6d0bc.edge-irl1.demdex.com 5.59.0.20190904135845 10ms (+1ms)
Pragma: no-cache
Last-Modified: Wed, 18 Sep 2019 18:38:48 GMT
Server: Omniture DC
xserver: www127
ETag: "3368855369339928576-6382279826035848113"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Mon, 16 Sep 2019 18:38:48 GMT

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
2 KB 184ms
184ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

70466750ea9e429a29f9c09d0def2c28d16a327ca8103c734f241c878113e23f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 506
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Sep 2019 18:37:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:48 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: e7fe76f4-2de0-45f3-897b-7f0d633ad9d5
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Tue, 17 Sep 2019 20:07:48 GMT

GET
H2 200 disqus-count-5922ea1c53-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 406 B
440 B 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/disqus-count-5922ea1c53-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b8c15c61feffdfe68b168cf2ac8cf58867f38547da3b15d7971a75c44f16bc26

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358020
status: 200
vary: Accept-Encoding
content-length: 270
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d7a1c4a-196"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2019 15:11:47 GMT

GET
H2 200 image-gallery-modal-e49526b449-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-e49526b449-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f5b52ad70c5d645388b52d2fadaf8a5311aee9a01436866ab9b3e2c5f02e1c22

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123916
status: 200
vary: Accept-Encoding
content-length: 1909
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4a-13d0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 08:13:31 GMT

GET
H2 200 industroyer.png
zdnet3.cbsistatic.com/hub/i/r/2019/07/08/352e9411-0746-4aac-a8d6-e599794dceb9/thumbnail/170x128/f24741ef141bba7f096977bb9c6b0106/ 14 KB
14 KB 8ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/07/08/352e9411-0746-4aac-a8d6-e599794dceb9/thumbnail/170x128/f24741ef141bba7f096977bb9c6b0106/industroyer.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

155935e0a93c8ec455550b190009b63e38f69b99ba20dbdc3da5dfe1271b89b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4454018
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 13712
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "042aec9e604155f2f06c0a16c5f9ba06"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 duqu.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/08/1ed9a71d-b11e-4d38-a0a2-99435566bae2/thumbnail/170x128/5a7daabbc85ec370c59be15784b36c7d/ 27 KB
27 KB 9ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/08/1ed9a71d-b11e-4d38-a0a2-99435566bae2/thumbnail/170x128/5a7daabbc85ec370c59be15784b36c7d/duqu.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b105bb3b88371b52236270b355f1657b62bcebb2141a2e67fd6439bf981b1d99

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4591260
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 27423
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "0e31fe01bd51d1368eb9c4d9a3e4284e"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plugx.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/08/a805a835-0a4d-45ad-8c6d-d744d5361b46/thumbnail/170x128/c160c0514b3910ddde37693cc246d521/ 6 KB
6 KB 8ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/08/a805a835-0a4d-45ad-8c6d-d744d5361b46/thumbnail/170x128/c160c0514b3910ddde37693cc246d521/plugx.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8f3c628048bb8f1f65090540cef37dedb3da8c58713b2d76710c87c9060edde0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1790234
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 5998
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "fa3060edb66e6ff4507886f9912e1ab9"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 winnti.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/f0220f04-31c8-4d17-873a-f66e9c1bc390/thumbnail/170x128/7b5b52260c5a6750883cde914d0499a3/ 26 KB
26 KB 9ms
8ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/f0220f04-31c8-4d17-873a-f66e9c1bc390/thumbnail/170x128/7b5b52260c5a6750883cde914d0499a3/winnti.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d888280a72edc651af08047011eef087b2bc4d09580f91de2ffe09e22a52bdf0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 676834
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 26341
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "085041a0a9f34e2125087d2c53fe6291"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uroburos.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/08/b570b615-9755-48fc-a1b7-9ddb157e021a/thumbnail/170x128/c31da214d08ede8f4beb192154400d59/ 12 KB
12 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/08/b570b615-9755-48fc-a1b7-9ddb157e021a/thumbnail/170x128/c31da214d08ede8f4beb192154400d59/uroburos.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0b02d7a500ed96bb84b65bbcb27ee8524a12424170a0f02aa8a0e4604df3d086

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4569435
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 12240
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d9dbc51dc534921589adf460c85cd824"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 disqus-loader-db6fae9369-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
728 B 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-db6fae9369-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4bb0f33f40b38593e1cba1c8b2f15703d33753bbd80f30511dd9c464a959afe7

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133050
status: 200
vary: Accept-Encoding
content-length: 642
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4a-580"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 05:41:17 GMT

GET
H2 200 ecuador-data-breach.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/09/17/71996cb9-8a95-41cd-afaf-463660269e9a/thumbnail/70x53/e2f7c31ec1c0eaec3a447caa5fafbf23/ 2 KB
2 KB 9ms
7ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/17/71996cb9-8a95-41cd-afaf-463660269e9a/thumbnail/70x53/e2f7c31ec1c0eaec3a447caa5fafbf23/ecuador-data-breach.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

934f6af2feba6488e54a10898cec47d5c8c1052994b6662fc0855fb782f36fa2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8793
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 1939
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "7ca57a9f85a19a6e4b9a248c1daca185"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gootkit.png
zdnet2.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/70x53/5542b16aa8858b77059dc6b8930cd135/ 5 KB
4 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/70x53/5542b16aa8858b77059dc6b8930cd135/gootkit.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0fc35f6d91748c84229af65812c67a706be65c51bbea081ed92dac22828ed2b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20190
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4516
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d3f93e7766e8e1b7ef66dfdd9a8be93b"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 luminpdf-users-redacted.png
zdnet2.cbsistatic.com/hub/i/r/2019/09/16/ee231831-f9d6-49bd-bdcf-5ea6c798a7cc/thumbnail/70x53/b8f55d61b5474e9d07d08aac626dbecc/ 3 KB
3 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/09/16/ee231831-f9d6-49bd-bdcf-5ea6c798a7cc/thumbnail/70x53/b8f55d61b5474e9d07d08aac626dbecc/luminpdf-users-redacted.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3ffb21d18f190848a680784584453555ac531c52285bb4d9e24e93b71b05f616

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80964
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 3307
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "71a5c0514ab83382d98154e5a5f9d813"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lastpass.png
zdnet1.cbsistatic.com/hub/i/r/2019/09/16/eaade1dd-03d6-4527-a092-bae69a690068/thumbnail/70x53/d34ba855773e3f90ad8007abc931afc6/ 7 KB
7 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/16/eaade1dd-03d6-4527-a092-bae69a690068/thumbnail/70x53/d34ba855773e3f90ad8007abc931afc6/lastpass.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5dcd44c16f3e6d379af59491b2399f26200dba8e0c2cbd53aa2f7adf64611fc8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121962
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 6762
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f1b8b7b3ceb65c188dcdc0851634cadf"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 436ms
436ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

778e4d83416c5b51b10553365bdd4dc14d286e23b97a2fe096c20a9102f322ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 729
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:49 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 9bad24b1-ca80-4ad7-a326-f9a90aaa26c3
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Tue, 17 Sep 2019 18:38:49 GMT

POST
H2 200 / Show response
www.zdnet.com/m3d0s1/xhr/right-rail/ 11 KB
3 KB 351ms
351ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/m3d0s1/xhr/right-rail/

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ece0b69e7d61c35d2c06de83fff4ba69283fef66e7b73ee5b3fe3412d3d8936b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
X-Requested-With: XMLHttpRequest
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 1678
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:49 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: c62fd46f-4683-4c48-912e-fa39fe1877ba
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 front-door-carousel-56427878d9-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-56427878d9-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361155
status: 200
vary: Accept-Encoding
content-length: 1564
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4a-124a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2019 14:19:32 GMT

GET
H2 200 urban-airship-29ae327ed0-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
976 B 9ms
8ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/urban-airship-29ae327ed0-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

fa33d1db535d783b0baf4e74bdc7ce9e54633f87a03669b2803e567088d64ccb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599150
status: 200
vary: Accept-Encoding
content-length: 827
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d77ae21-514"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Sep 2019 20:12:59 GMT

GET
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/1/ 57 B
261 B 447ms
111ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/36c1ca5070?a=138637741&v=1130.54e767a&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=2806&ref=https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&ap=637&be=441&fe=2589&dc=777&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1568745526068,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:22,%22ce%22:87,%22rq%22:87,%22rp%22:434,%22rpe%22:677,%22dl%22:437,%22di%22:730,%22ds%22:777,%22de%22:779,%22dc%22:2589,%22l%22:2589,%22le%22:2658%7D,%22navigation%22:%7B%7D%7D&fp=622&fcp=622&at=GRpEEQsdExIcZw1VFFgaCFZXBQMEVlxJAAZWDRwHBl9VSwUBBQcbUgoHBARUUFNUAVcDFE4aRVxBD1IoBVUBEwxAS1RQRBRYEh0aSBNXEExYUF0DZR8UXUYLFAFXX0dUCEU5BUoQWFUOXRMfEwREHw1WA3JPAVRUEQtEVQ8XWwtHUxAaHRFVA0cPB10wSEYHGgsRVQNCDRBXFBMaQFpdXFYvVUReGgZXVQFcVQECS1QCUFlJAAcHCxwKBAIDS1QKXQAHWg4CBAdTVERIGhRQUQdsSENURAtEBUoQWFUOXRMfExJeFg1bLVUUWBoAAgIFA1MGDklUVVsJHAIAAwJLXQ0AAxtSCggCAF4HVVMOUVQUThpEQV1EC0QMTBBBRVhkHm8eEUYRSkIAX1MWFlJcXDoeBxZMDVJaB2QeVlwJRQMQFRBeUgNBQh5cCUISSVwFX1EHSl5GQktTCRBWAUUbAVdcVkJLUwcHU0lFWU9UWFVUOh5EGRRGUBRYQ0xO&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 advertisement-d41d8cd98f-rev.js Show response
zdnet2.cbsistatic.com/fly/js/utils/ 0
263 B 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/utils/advertisement-d41d8cd98f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
x-content-type-options: nosniff
age: 559675
status: 200
vary: Accept-Encoding
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d77ae32-0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 07:10:53 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/cbsinteractive-zdnet/ 84 KB
19 KB 40ms
38ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bbab7355d5aa551c9f5152fac15aa857d1e352242440ce6911a4e8eef321500

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: U8wN2az2a8oXD_Oos5M5xV5YnT4Twwju
content-encoding: gzip
etag: "df80d9c3040bf21067053575df545fac"
age: 102
x-cache: HIT
status: 200
content-length: 18765
x-amz-id-2: TFTvVlYzYxDxuEzrPlj4vkfPHhvwYH2fWAZkz+FBxVBDewfnnBrfYayOAel+vdN4tWN7vfMuZjc=
x-served-by: cache-hhn4021-HHN
last-modified: Wed, 11 Sep 2019 14:50:51 GMT
server: AmazonS3
x-timer: S1568745529.905309,VS0,VE1
date: Tue, 17 Sep 2019 18:38:48 GMT
vary: Accept-Encoding
x-amz-request-id: 8B32C10FD489ACD0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 29
x-cache-hits: 1

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame F5E4
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

10ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.zdnet.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Sep 2019 18:38:49 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E9)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 17 Sep 2019 18:38:49 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 17 Sep 2019 18:38:48 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 53b54ccb72dd96ae3c33363a3f764e74
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 105
x-transaction: 0054eb36008a2495
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/16/eaade1dd-03d6-4527-a092-bae69a690068/thumbnail/70x53/d34ba855773e3f90ad8007abc931afc6/lastpass.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5dcd44c16f3e6d379af59491b2399f26200dba8e0c2cbd53aa2f7adf64611fc8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121962
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 6762
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f1b8b7b3ceb65c188dcdc0851634cadf"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gootkit.png
zdnet2.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/70x53/5542b16aa8858b77059dc6b8930cd135/ 5 KB
5 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/09/17/3f876e1a-ddbf-4b5e-adbd-559f5136ca5a/thumbnail/70x53/5542b16aa8858b77059dc6b8930cd135/gootkit.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0fc35f6d91748c84229af65812c67a706be65c51bbea081ed92dac22828ed2b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20190
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4516
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d3f93e7766e8e1b7ef66dfdd9a8be93b"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/09/16/ee231831-f9d6-49bd-bdcf-5ea6c798a7cc/thumbnail/70x53/b8f55d61b5474e9d07d08aac626dbecc/luminpdf-users-redacted.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3ffb21d18f190848a680784584453555ac531c52285bb4d9e24e93b71b05f616

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80964
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 3307
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "71a5c0514ab83382d98154e5a5f9d813"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/17/71996cb9-8a95-41cd-afaf-463660269e9a/thumbnail/70x53/e2f7c31ec1c0eaec3a447caa5fafbf23/ecuador-data-breach.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

934f6af2feba6488e54a10898cec47d5c8c1052994b6662fc0855fb782f36fa2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8793
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 1939
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "7ca57a9f85a19a6e4b9a248c1daca185"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/3005086/ 0
400 B 409ms
328ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/3005086/cs.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1775.js?utv=ut4.43.201909161811
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Fri, 20 Sep 2019 18:38:49 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fw...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2F...

0
248 B

66ms
39ms

Image
text/plain

2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568745528902&ns_c=UTF-8&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=
Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 60 KB
15 KB 99ms
43ms Script
application/javascript 104.17.209.240
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_3xeBFJDuSs0SRW5&Q_LOC=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.277.js?utv=ut4.43.201909161811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

661582515dd231f99fdd37d11c1237a8e001ab99b898dc1430ac2f73f718098c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64266
cf-polished: origSize=62037
status: 200
edge-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f255-UCA7wINInts3OI0TBl6iZ+HnnBg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 517d330419dace53-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904&ja=1

44 B
332 B

35ms
35ms

Image
image/gif

34.254.217.168
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904&ja=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.217.168 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-254-217-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:48 GMT
server: nginx
status: 302
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp=&ts=compact&rnd=1568745528904&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 fly-disqus-count-1f604770a3-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 882 B
566 B 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/fly-disqus-count-1f604770a3-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b2ab8784d5ca4bc5e4e1990ba55c6d9f041b8fe8cf41ad9afa37bc1c3dd12756

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130601
status: 200
vary: Accept-Encoding
content-length: 460
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d7a1c4a-372"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 06:22:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: ZRHnTNvqSKhfDWy7Wp/i2PNfUXE6GqpeLPfneA6zPT8pEUNo+IW35iYlfLb+gsxzLXYsjmjVKiXMLmKRes9WDA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Tue, 17 Sep 2019 18:38:48 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cbs_zQTp2H_zdnet.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
18 KB 32ms
11ms Script
text/javascript 2600:9000:2057:4a00:1d:8c8c:47c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/cbs_zQTp2H_zdnet.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1810.js?utv=ut4.43.201909161811
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4a00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 735dd6528ef8dd97886865a6ff4a0387d6cebab544c6288c8ba2169b1858c392

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:31:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 10:15:58 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age: 4017
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: MB7VIDixqhLko8anZflYmbrI1mCrCBo3Cy7-OdX0Ky3V20g-ozHnyg==
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 4083-12969.js Show response
www.everestjs.net/dl/4083/ 484 B
664 B 44ms
44ms Script
application/x-javascript 184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/dl/4083/4083-12969.js
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1d4d518e1da495fb6d6d8b3d86bba79d7597b61b466e71c45cdb09ed79659c53

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2013 14:23:10 GMT
Server: Apache
ETag: "4a5a49-1e4-4ec011a776f80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=79273
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 288
Expires: Wed, 18 Sep 2019 16:40:01 GMT

GET
H/1.1 200
OK v
pixel.everesttech.net/4083/ 128 B
716 B 42ms
41ms Image
image/png 66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/4083/v?ev___loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&ev___ref=%2F%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "1433c2-80-53f3f17013d40"
Vary: Cookie
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=15, max=984714
Content-Length: 128

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/
Redirect Chain

https://cm.everesttech.net/cm
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WFlFb09BQUFCRHRwZFphWg
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm=&google_sc=&ev_rs=1&url=/1x1&google_hm=WFlFb09BQUFCRHRwZFphWg&google_tc=
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEOglWoaz0k-YO-fAxfvIMS4&google_cver=1
https://pixel.everesttech.net/1x1

128 B
407 B

107ms
46ms

Image
image/png

66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "9c38d7-80-53f3f17013d40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=995232
Content-Length: 128

Redirect headers

Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://pixel.everesttech.net/1x1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 ua-sdk.min.js Show response
web-sdk.urbanairship.com/notify/v1/ 78 KB
17 KB 77ms
25ms Script
application/javascript 35.227.208.151
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.urbanairship.com/notify/v1/ua-sdk.min.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/js/components/urban-airship-29ae327ed0-rev.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.227.208.151 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e59c8c655db8c097ed0067789aeb44ed58f25f8c68a5772bbb3f1fdc18e5e336

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:36:01 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1556302399
age: 168
x-guploader-uploadid: AEnB2Uoc9-SFojteFRvJxO-cXVZm4VCFNTX5yf5pK9a_3Je6G5mCE6bULi4kvFoG8IFD042kJwvuyGC2LEuNTRq9bvyDMnkqrQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 16960
last-modified: Fri, 26 Apr 2019 18:13:21 GMT
server: UploadServer
etag: "251defdc0ecc8a3bad8ae4cf9aab1923"
vary: Accept-Encoding
x-goog-hash: crc32c=A7yEjg==, md5=JR3v3A7MijutiuTPmqsZIw==
x-goog-generation: 1556302401249893
cache-control: public, max-age=300
x-goog-stored-content-length: 16960
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 17 Sep 2019 18:41:01 GMT

GET
H2 200 show-hide-1.0-7dc26ff326-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
842 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7dc26ff326-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462664
status: 200
vary: Accept-Encoding
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 18:17:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d793a55-7a5"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:07:44 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 94ms
39ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Wed, 18 Sep 2019 18:38:49 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/cbsinteractive-zdnet/ 13 KB
5 KB 271ms
188ms Script
binary/octet-stream 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d1eab2e9d5b36e1297db68599d3e9c3df71869a0863fb261972b93e919d7af1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: rwr9L97XovW8QPypI62jHvd7E2HiNZm2
content-encoding: gzip
etag: "fc0de48a0976cde02ddee0bd49a81832"
age: 292
x-cache: HIT, HIT
status: 200
content-length: 4742
x-amz-id-2: yrT/u9Rv6PktLWJG8mTKM8SDKOdGK7Nt6385N2MlaVIkQyZbpbyDvzQSaL/jT+h2dF8WPMkVNrQ=
x-served-by: cache-lax8644-LAX, cache-fra19150-FRA
last-modified: Thu, 20 Oct 2016 17:48:07 GMT
server: AmazonS3
x-timer: S1568745529.079590,VS0,VE150
date: Tue, 17 Sep 2019 18:38:49 GMT
vary: Accept-Encoding,,
x-amz-request-id: BF8556B9B88B5C74
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1, 1

GET
H2 200 impl.20190911-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 393 KB
111 KB 38ms
38ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
content-encoding: gzip
etag: "46435c29fa55e5bb182a8089f8899af1"
age: 95
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 113770
x-amz-id-2: TpwWJhvTI2hPC4MqvfN6kcPHT+HJbADzqUA74zo+2QRKfb2VA14qMvLQnsDazZSdOLTYf5jCbYo=
x-served-by: cache-hhn4021-HHN
last-modified: Wed, 11 Sep 2019 13:41:59 GMT
server: AmazonS3
x-timer: S1568745529.030690,VS0,VE0
date: Tue, 17 Sep 2019 18:38:49 GMT
vary: Accept-Encoding
x-amz-request-id: F64D595A7D85A57A
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 717

GET
H2 200 309391486091569 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/309391486091569?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d44c1c3b519cd0b390eb41352d8f3e522e4ed7eac8bc5cf475638985a9c4af16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79752
x-xss-protection: 0
pragma: public
x-fb-debug: w0JHtuftqvcGyOztlWqv4jLd2hF8AVy2u56LtnflkvEo4yLFypRT2WMqAR4ZqgILdMKN4dH2Fye4Iow0il9l/w==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Tue, 17 Sep 2019 18:38:49 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1036174608/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OSiBXbXoBInx-g...
https://www.google.com/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130
https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130&ipr=y

42 B
110 B

35ms
35ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1679592691&crd=&is_vtc=1&random=3985939130&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
ad.yieldmanager.com/ 0
341 B 432ms
36ms Image
text/plain 217.12.15.83
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldmanager.com/pixel?id=2447099&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.12.15.83 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

mpr1.ngd.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK s
pixel.everesttech.net/4083/ 128 B
702 B 112ms
50ms Image
image/png 66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/4083/s?s=12969
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "9c38d7-80-53f3f17013d40"
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=15, max=997313
Content-Length: 128

GET
H/1.1 200
OK count.js Show response
zdnet-1.disqus.com/ 1 KB
1 KB 1156ms
1078ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet-1.disqus.com/count.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 785079
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 04 Sep 2019 20:05:34 GMT
Server: nginx
ETag: "5d70190e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

POST
H/1.1 204
No Content /
686eb704.akstat.io/ 0
354 B 289ms
214ms Other
image/gif 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb704.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-48-32.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
181 B 109ms
35ms Image
image/gif 52.29.17.61
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1568745529030&y=2.0.1105&elg=457272819&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fhprwhw-wrgdbv-prvw-gdqjhurxv-erwqhw-frphv-edfn-wr-olih%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fofduhjbk%2Fuynclqwq%2F%3Brug%3D1568745526920%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Aquiv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.17.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-17-61.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Sep 2019 18:38:49 GMT
server: Jetty(9.2.10.v20150310)
access-control-allow-origin: *
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 128 KB
18 KB 574ms
573ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2111847478602229&correlator=2048399888195161&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061863%2C21062414%2C21062452%2C21062833%2C21063817%2C21064365%2C21064103&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190917&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=7x7%7C5x5%2C1x1%2C728x90%7C970x66%7C970x250%2C300x250%7C300x600%7C300x1050%2C320x50%7C11x11%2C300x250%2C300x250%2C641x321%2C728x90%7C970x66%7C970x250%2C371x771&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ists=256&prev_scp=pos%3Dnav%7C%7Cpos%3Dtop%7Cpos%3Dtop%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%7Cpos%3Dmiddle%7Cpos%3Dbottom%7Cpos%3Dtop%7Cpos%3Dbottom%7Cpos%3Dtop&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%26tag%3Dmalware%252Cransomware%252Ctarget%252Cgovernment-it%26pid%3Dintel%26device%3Ddesktop%26ptype%3Darticle%26cid%3Demotet-todays-most-dangerous-botnet-comes-back-to-life%26env%3Dprod%26firstpg%3D1%26vguid%3D2deadd63-948e-47d6-8788-a047a60ccf51%26session%3Da%26subses%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1568740872&dt=1568745529055&dlt=1568745526505&idt=687&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C0%2C-12245933%2C-12245933%2C208%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C87%2C-12245933%2C-12245933%2C2545%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adks=4276501510%2C822115416%2C3751347389%2C3131194116%2C296989023%2C3599506208%2C927650050%2C3899376150%2C2606052410%2C3396709396&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&dssz=110&icsg=0&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x7032%7C1585x0%7C1585x0%7C370x0%7C770x11%7C370x0%7C370x250%7C770x5964%7C1210x0%7C370x0&msz=7x7%7C1585x0%7C688x105%7C300x280%7C770x11%7C300x280%7C300x280%7C641x361%7C728x130%7C371x771&ga_vid=763896522.1568745529&ga_sid=1568745529&ga_hid=673264488&fws=132%2C4%2C132%2C132%2C4%2C132%2C132%2C132%2C132%2C132&ohw=1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

35ba36539167cac0659019944e599d6de81634ba0673eff4ada655fe31dfa9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17589
x-xss-protection: 0
google-lineitem-id: 4745699004,-2,5160351794,5050415262,5050413510,5050545514,241984809,4745327422,5050543438,4825966980
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138245072116,-2,138285768966,138287922418,138273985938,138287513757,75375443409,138239368367,138287513862,138247024569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ 62 KB
24 KB 67ms
67ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24115
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
337 B 126ms
55ms XHR
text/plain 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=182823&u=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&v=3
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: R2sYuo4Ll/lTZcallv9jXRt6PBMEtOprxx17km2cPyyFEhOkv3q0wjHoYyP0eTmeMeFZqEnvpAfhQpxPOLnTtA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Tue, 17 Sep 2019 18:38:49 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20Z...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20...

0
248 B

39ms
39ms

Image
text/plain

2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568745529139&ns_c=UTF-8&cv=3.1&c8=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&c9=
Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 33ms
32ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 84198
cf-ray: 517d330588bdcbcc-VIE
status: 200
content-length: 27719
x-amz-id-2: HNEV4caKoOdziBrXGZIDp4CzG6boiBMb4TLu65nU6otYm4+p2OQwr1vWix1CX0FBodMy916W6w4=
last-modified: Mon, 16 Sep 2019 19:15:01 GMT
server: cloudflare
etag: "1545d811432c0074356408ee8f6c1e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB54A2C70C0BB866
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 17 Sep 2019 19:08:49 GMT

GET
H/1.1 200
OK 0.5000425901231672
saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/ 43 B
520 B 101ms
101ms Image
image/gif 52.0.145.219
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/0.5000425901231672?AQB=1&ce=UTF%2D8&events=event66&v0=ftag_cd:LGN22ef1e6&v2=en&v3=desktop&v4=right-rail&v5=zdnet&v10=article&v20=emotet%2C+today%27s+most+dangerous+botnet%2C+comes+back+to+life&v22=content_article&v23=&v24=2deadd63-948e-47d6-8788-a047a60ccf51&v30=4f29584f-9b66-438c-b15b-0640eecb2c31&v60=33167553,33165221,33167546&v64=2150&v69=&c0=D%3Dv0&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c5=D%3Dv5&c10=D%3Dv10&c20=D%3Dv20&c22=D%3Dv22&c23=D%3Dv23&c24=D%3Dv24&c30=D%3Dv30&c60=D%3Dv60&c64=D%3Dv64&c69=D%3Dv69&pe=lnk_o&pev2=medusa_impression&vid=201909172-leadgen-zdnet&mid=90240133173074011141898988208131324462&aid=2D535D450507F28B-40000106A0001145&AQE=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.145.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-145-219.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Last-Modified: Wed, 18 Sep 2019 18:38:49 GMT
Server: Omniture DC
xserver: www388
ETag: "3368855371487412224-5658044851619509452"
Vary: *
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK e.gif
dw.cbsi.com/levt/ria/ 43 B
369 B 448ms
148ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/levt/ria/e.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&assettitle=emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life&assettype=content_article&pubdate=2019-09-16%2011%3A51%3A00&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&s8=cnetzdnetglobalsite&v23=cnetzdnetglobalsite&v19=article&v17=113c25b6-ec91-11e3-95d2-02911863765e&v20=4f29584f-9b66-438c-b15b-0640eecb2c31&v16=2deadd63-948e-47d6-8788-a047a60ccf51&riaevent=impression&comptyp=spot&mapp=medusa_app&objtyp=medusa&eventt=log&v18=security&comp=ucwc&ts=1568745529178&tcset=utf8&im=dsjs&title=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:49 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=186
Content-Length: 43
Expires: Fri, 23 Jan 1970 12:12:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309391486091569&ev=PageView&dl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&rl=&if=false&ts=1568745529194&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1568745529194.3951902&it=1568745528979&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 17 Sep 2019 18:38:49 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
721 B 99ms
35ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3aab52a82204425f81066eabf48b5fd22accdea914250f6e6494c3024edbe0a9

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:48 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pmk-201618008.1.js Show response
widget.perfectmarket.com/cbsinteractive-zdnet/ 323 KB
89 KB 38ms
37ms Script
text/javascript 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f72e8df44e82a8066b16ca8ab2d59f8f9ef21fa52c07d8554972f48b5105f13

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: bVoOWfmxkMrYwv2s6Uu9D96fE._5IBqu
content-encoding: gzip
etag: "da73fb2066df9f51d08b6688cfb35441"
age: 28449944
x-cache: HIT, HIT
status: 200
content-length: 91236
x-amz-id-2: T2A7wWXMDNgx2Z35EWhae8i8jDSVEo/Aqmbmta3HbEBKVMhwoZJKjGQuEf/CaAEiaINfKwR6uJs=
x-served-by: cache-lax8630-LAX, cache-fra19150-FRA
last-modified: Thu, 20 Oct 2016 17:47:53 GMT
server: AmazonS3
x-timer: S1568745529.275213,VS0,VE0
date: Tue, 17 Sep 2019 18:38:49 GMT
vary: Accept-Encoding,,
x-amz-request-id: 58FF20717A687DE4
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 386, 13

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6916
date: Tue, 17 Sep 2019 16:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Tue, 17 Sep 2019 18:43:33 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 48ms
42ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Wed, 18 Sep 2019 18:38:49 GMT

GET
H2 404 tboptevent.html
widget.perfectmarket.com/opt/ Frame 7A90 0
0 40ms
40ms Document
text/plain 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: widget.perfectmarket.com
:scheme: https
:path: /opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 404
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Tue, 17 Sep 2019 18:38:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19150-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1568745529.409342,VS0,VE0
content-length: 0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
13ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=673264488&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&ul=en-us&de=UTF-8&dt=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1286110097&gjid=1744757496&cid=763896522.1568745529&tid=UA-33613588-22&_gid=1575561142.1568745529&_r=1&cd2=other&z=1716507641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 tboptevent.html
widget.perfectmarket.com/opt/ Frame 8805 0
0 40ms
39ms Document
text/plain 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: widget.perfectmarket.com
:scheme: https
:path: /opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 404
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Tue, 17 Sep 2019 18:38:49 GMT
via: 1.1 varnish
x-served-by: cache-fra19150-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1568745530.651220,VS0,VE0
content-length: 0

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7C2D 0
147 B 48ms
47ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8C0GhRsYA899gnY5FgXAejPernj4TR3gII15sKZsj2M6yx8CPGBb9clu7Kh5MORrU0L_g6TcyRb66HazCGGkgmwBYheest_EbpOLH7Ebf66QpVh-LkbMGW6EKGGRjSaRoYHPBoLLX6qrfmIkdsV4wWseuO4IlLW6yW8bUIic0aH3G2cP6yNfY_2QuXlSwi8Qi3ZIX4Ko54eDirugerdNqMPps9BMawTj9kXnjZVARZozFiJs_8osEjqX1OrFcaQUY6EWG2Bx7&sai=AMfl-YQt43LQ0M-2fM5o0vGMmU8M5NaXS1ffejBhzoQppf0iiMYPqdqu5T7iP7QxnPfohdn5c5zQZ32pIi9OGNgBayO5ZlA_vTLh1ViO-cwWRA&sig=Cg0ArKJSzEgkoC1tT1q6EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C2D 78 KB
29 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 7C2D 307 KB
103 KB 137ms
57ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7C42 0
129 B 46ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG-NRFSt35kajWgzsW0wbMFYkA12h3wSTECArxrufm1OKWpJRY7kHeAcqq0o9dp-XNeRkM8BlmmCEjcb8zi8uqZqwB4sdfdCD3Q4G-juOENPwkIgnZ6-vYzf-bwr46rWHgbJeow4iAwSNTxZdp0P7EzVnEsF5tYgEzPDlw_hIjtxS1MCoz41ER7jpu-cbpU9gWsllxLH6xtyv8F5LeNL5Ox2ZavjZopsoHd-bd3yAviQgOvg6ZIKJVUYyNafg3hqWh5Mk4O9N7Tw&sai=AMfl-YR2FNPQF2iTuXIgaC3b6c7p6xX4tkf4x6zwy1Nh7sMuxUMquMgHDKF9dL4vAUFmPQmnXIDJxdGsPUNPhI1S5YZCWApFTnU5kop4HxqDUw&sig=Cg0ArKJSzHu2fiGXjR8jEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 7C42 4 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbbded69e58ffd516843ca83e654d18df040daa36e54f40daf4b756f52e853b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2019 16:06:32 GMT
server: sffe
age: 1915
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 2037
x-xss-protection: 0
expires: Tue, 17 Sep 2019 19:06:54 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C42 78 KB
29 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 7C42 307 KB
103 KB 127ms
56ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame CB9D 0
129 B 48ms
46ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZD80O4i5FzrLe3mPRDsGWge14HaPc5EPVjW76x6E0wvYBERguUwPJWb1aNOfmBmjduLuyFB73w3pExaAmMJnH9befEuvUYF059g9xjuleOB8uiyjLsJk1QFd3qRdeRdtwFr5Udaj1Md-6qcKfr0mNs9vvXvGLN9lzbtUkagvx0dwbb5H3DRUZlmnqLOnCmmSJLmjpmXkG2irv0vZvQiON7gmjWuFZSvV5lgFul4SqINaB4ePomZfP0mSwYmgVS_ClySo&sai=AMfl-YQBYPCEhWBh-_i5SIdgDq2X7v_vSGN-KpGtCd1vK-9vRt2BbBqVSRiol_dLZWmQs5bo-2Zhuw5d5aUzOoBCXMcX8y3vOIqIlAQ6lUvCzQ&sig=Cg0ArKJSzPgrc2_9mxg1EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CB9D 4 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbbded69e58ffd516843ca83e654d18df040daa36e54f40daf4b756f52e853b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2019 16:06:32 GMT
server: sffe
age: 1915
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 2037
x-xss-protection: 0
expires: Tue, 17 Sep 2019 19:06:54 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB9D 78 KB
29 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame CB9D 307 KB
103 KB 159ms
90ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 79B3 0
129 B 48ms
47ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusy035csjQyhakk-z7ZZ6D7oGanaIW38LtZCgJZv2xYHIbMqU6vps_-fub74Y9HusBrkha1mZ2owbbVY32balO1rNTYm2qvX3gWiodIKBqc-re2ZqElAUAZOaqnzZTPqXbSVLqGE4Di1L9EUaxr_udpB1Fb3Rsxdl6NOATYGVcgrrPWMFBbuiGm4kPeE4HFImi5sJW2lCd6TMDxlZFY09GjxN-6Rou4sHoAISMnNQ-s3KG5TFaPA5tuU64oenaHf-dIKgIP7oW3g&sai=AMfl-YSsbcT8PlGaUJ2DPcTbNmKlJ-wksw3RVI4oAirY9iWwPaI6HU4si9jDw9t6bHlsolhfUR5Yx22eJpeAV0L6G40ycA6E9LYnRq6VvbHzKg&sig=Cg0ArKJSzKE95Ana0_7tEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2

200

B22814289.249203913;dc_pre=CNexq8DA2OQCFRAs4AodTXAK6A;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/ Frame 79B3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_pre=CNexq8DA2OQCFRAs4AodTXAK6A;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_chi...

43 B
110 B

59ms
58ms

Fetch
image/gif

172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_pre=CNexq8DA2OQCFRAs4AodTXAK6A;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6580.148013.CNET/B22814289.249203913;dc_pre=CNexq8DA2OQCFRAs4AodTXAK6A;dc_trk_aid=445387738;dc_trk_cid=117597040;ord=1449627822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sfp-set-targeting.js Show response
native.sharethrough.com/assets/ Frame 79B3 24 KB
9 KB 51ms
50ms Script
application/javascript 143.204.214.33
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp-set-targeting.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.33 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d5ebe5969a4fb31560e7b2bd4a84cdee7a536b08fbe18782d0ad8999a15f444

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:46:50 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 16:07:46 GMT
server: AmazonS3
age: 3120
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wr-U4Se3SbmXBUzSTQyLwIP0PXKxYxkfX4DRjHJ7VlS7YcgAyQU2Fg==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79B3 78 KB
29 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 79B3 307 KB
103 KB 128ms
58ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

POST
H2 200 /
www.facebook.com/tr/ Frame BBFD 0
0 6ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4716
pragma: no-cache
cache-control: no-cache
origin: https://www.zdnet.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
cookie: fr=0ArfVJQOOoODE4fE2..BdgSg5...1.0.BdgSg5.
Origin: https://www.zdnet.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.zdnet.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Tue, 17 Sep 2019 18:38:49 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame BA75 0
57 B 46ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssccvq-9Dihp5sAS7GwKJV0pos2HXNBKmYIDH0KXDvMvHKPL407Af5qx-znR1VOuR9lm0jsR8vDPXyRk5uYYWVNX36yjDSo9Ply1jTKfsQvLg2SeSlYj9nSLLkTfasuh_FV0VoX2N7rtHs3HzTcmNEk8x-cluEYPfwL0mSoK_BxVUSEd8CBITN7Qi_tcYBYqbNJ1IciwhTxg-m4Ta43APlFUjWGjMS9TbEXqoo9SpZ53zfuERi6gNrL9QBbtkv5J5X-OXau&sai=AMfl-YQN9JIOGnnE01oHKZgDzJO7UFrkzPNPBmgMQUQ8yrmdK11lH4-vtui-2Zc0NoLoMxwc-UhjhGsCohTdRQ4Cny0istw0320_4Gl_3AC7cw&sig=Cg0ArKJSzPFegb8ZzmJUEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame BA75 4 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbbded69e58ffd516843ca83e654d18df040daa36e54f40daf4b756f52e853b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2019 16:06:32 GMT
server: sffe
age: 1915
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 2037
x-xss-protection: 0
expires: Tue, 17 Sep 2019 19:06:54 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA75 78 KB
29 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame BA75 307 KB
103 KB 129ms
58ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame B1C4 0
57 B 47ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuojs6KmAC-87kQD5Z2UZMNkx_CGXZiVOEcWk6ATOPj4b5DKU1oQfdgm06MVBS7Arg5H2Zb0n0f2wyF796YUXWEOOKP4YoxHyFYUfr4nHjY5kpEZmyYO7o3zfEv3HixiHqfntVoSv4ayKEgl1J6Scww4nSJw6EbjB26VTU2dYp6andtGOrvUGdzCUvfNGyp4vNRv2LoIgQzg699GT52W3sZjXEr6hZTVSElQRaQSW6zGv1G9T8WMpKoKcI5NNEpB0L7EP4&sai=AMfl-YTxNE56iXRADmnRR9CJehUtY1Bgym9wB08vzgq7-GrffgZtxldYdceoDzKoGqe7f7jYWyJE4G3D-DLPuWyY6Yo0sHliaZnO70Vk6QJIqg&sig=Cg0ArKJSzMOBXTiYiEGjEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame B1C4 26 KB
8 KB 120ms
39ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=8118
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Tue, 17 Sep 2019 20:54:07 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1C4 78 KB
29 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B1C4 307 KB
103 KB 165ms
92ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9F68 0
48 B 47ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7fdBdyDyRoYgXkUopHI-HSHMFbE40_SwpAE8DmWkCV_70Z_0uleWih-27DJpPpYunzDs0ogC_ZJJHCOTG5HjDH8o70zgyKVCdOOTaXxKJ1YFWPAMtPN1PTpV2ogORYGY-UVIrMn6JMd6hjY836nCIUl4WlRa20_f7VcXVwmOdlvZ387Z3jG7C2IcABSk9TMQT_qdq127Adut4L7u98RkY9-4tONinahzgGt97RcktJItIJLq37aijtyARHcNZlo86qsw7sAIQ&sai=AMfl-YRQ8r-xlMcKGj83pMzv320ZwK9D2nYS3685OIpl8D9sv4psIh4ubftHJSUp2RYkeDqX3Tih1VznuLLObS5l8Tv2Ix8ja3MheuAn_Pe-zA&sig=Cg0ArKJSzBd-lkIJXtT6EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F68 78 KB
29 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 9F68 307 KB
103 KB 143ms
40ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 5EA1 0
57 B 46ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWoM7nQNFX5Ior8rk6b8mmWqPHDPn_jXoV3kIRK3K7b4w9NXY-QEitj5_vbX7wI_EK49NIatXlA-CX7LQdI-Xv7NplzgYk_ZCcctX5DkDAT2mxnx_yP9IBJsI44RUA6BvDLOvaZ2KE89xUuk3tgV7xf6u8JhahHJhgg2WsOVbB30drUMa_XwGwFNDibHD6yRLHfPnPqC91qLR_LGcRHW6ZQC31CcEQpViNS0DHtXOs9kSAExRR3QY8EbOZZORFX8PjtYnf&sai=AMfl-YSCyTCsX0s7nTTVmW28w7GCJ21pCCiDwRYHhpyR9EubqegYZZkawlygRivCSmKvMBu3rDd43o7H0HjBeJG6Mwi2gzppDrHBgZCGSlfejA&sig=Cg0ArKJSzBzR6CMDaNP3EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5EA1 4 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbbded69e58ffd516843ca83e654d18df040daa36e54f40daf4b756f52e853b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2019 16:06:32 GMT
server: sffe
age: 1915
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 2037
x-xss-protection: 0
expires: Tue, 17 Sep 2019 19:06:54 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EA1 78 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 5EA1 307 KB
103 KB 138ms
39ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 28A4 0
57 B 46ms
45ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN-_NsnLFO_WqgOZuOzLkwfW2ZQTfMc87VDlInpa2JslvS75d7ee4wTvX6K1uKwd__J08zo5HeLghxaPF3R_QHZ3oZsdwCjf7ZxDAE5motWIuHklZdjIVTv3GOJxk4ELhAhtraNfuhpDfHx2CEs5yoZQZ4dxqGpTTnfYYBZa0zkPknt886ost31TbRsE1EH7lYfg4fy-NgIQjAX1Bu1O9j--FcNs4ykImuLp4SESqCqI4loly5lPbmUm9otdNZDeMMFs0NH0GV&sai=AMfl-YQFsS8P9HGBkuYU5J9K5GhQ6Dn1kUS5dC06nlxPsltpSoZjY47gQfvrwyyDdaaVt_U6tXJNoVmyrb-X0PJZiEhuKyR3-7140062SuNvtA&sig=Cg0ArKJSzDt9bAJOTZQZEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adKit.min.js Show response
rev.cbsi.com/common/js/ Frame 28A4 6 KB
2 KB 251ms
37ms Script
application/x-javascript 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?1260306663
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-143.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 18:29:20 GMT
Server: Apache
ETag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28A4 78 KB
29 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:49 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 28A4 307 KB
103 KB 142ms
37ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 impl_v52.js Show response
www.googletagservices.com/dcm/ Frame 7C42 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v52.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4147d470235edc4e770d186e5abddbafd1ae66fcecd03eaddc751fcbd782ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 14:39:55 GMT
server: sffe
age: 9106
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9536
x-xss-protection: 0
expires: Wed, 16 Sep 2020 16:07:03 GMT

GET
H2 200 impl_v52.js Show response
www.googletagservices.com/dcm/ Frame CB9D 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v52.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4147d470235edc4e770d186e5abddbafd1ae66fcecd03eaddc751fcbd782ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 14:39:55 GMT
server: sffe
age: 9106
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9536
x-xss-protection: 0
expires: Wed, 16 Sep 2020 16:07:03 GMT

GET
H2 200 impl_v52.js Show response
www.googletagservices.com/dcm/ Frame BA75 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v52.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4147d470235edc4e770d186e5abddbafd1ae66fcecd03eaddc751fcbd782ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 14:39:55 GMT
server: sffe
age: 9106
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9536
x-xss-protection: 0
expires: Wed, 16 Sep 2020 16:07:03 GMT

GET
H2 200 impl_v52.js Show response
www.googletagservices.com/dcm/ Frame 5EA1 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v52.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4147d470235edc4e770d186e5abddbafd1ae66fcecd03eaddc751fcbd782ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 14:39:55 GMT
server: sffe
age: 9106
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9536
x-xss-protection: 0
expires: Wed, 16 Sep 2020 16:07:03 GMT

GET
H2 200 B22783699.255232887;dc_ver=52.141;dc_eid=40004000,50005001;sz=300x600;u_sd=1;dc_adk=3363602819;ord=pzz2qk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssCk-Lg0H9C2xAMWMj... Show response
ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/ Frame CB9D 30 KB
12 KB 71ms
70ms Script
text/javascript 172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/B22783699.255232887;dc_ver=52.141;dc_eid=40004000,50005001;sz=300x600;u_sd=1;dc_adk=3363602819;ord=pzz2qk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssCk-Lg0H9C2xAMWMjWSlMAs0VYf_iCDZIfQOKKaw3lIneyO9uIdOqqOiP-auLXvifT80SJtMKKldJh7jY0Uf0dibQq-SSyVkMh70LB5c-o6AhVmFCUIQSl9bt-IPOxR2yZ5xnDINkCiskcDDRJtNGxCPY8Ub2OmZzyJIT2WvGXls1asUQuze5ex0k_uAvUi_JLLz7aKvLpLwbz9c3bH1F9qqWVwxjbQ9WXAi2EWc4c9Gcve3_whjLtWHuDIVRkjQC3%26sai%3DAMfl-YQZZvYyMY1qf62fAlOtqwqiAnI3yDGbSwtUYu9SPwJYybJqCbNp9ORofnAnA0N2gvchjHESqaPrijTeBzh7PzwCVESspMw2RJxlX9zydg%26sig%3DCg0ArKJSzAF9IK7vinhiEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F$0;xdt=0;crlt=5)RjfGt4)P;osda=2;sttr=81;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

382d8c82323678eaeb5f5e8e9f58b79853b99f61bcee61ac8319d18c184b00df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B22848860.249063861;dc_ver=52.141;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3235765768;ord=x7y3hm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjzoSSL1ZaAILRvTCTKlsmVwM3... Show response
ad.doubleclick.net/ddm/adj/N410401.281526ZDNET/ Frame 7C42 12 KB
8 KB 66ms
65ms Script
text/javascript 172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N410401.281526ZDNET/B22848860.249063861;dc_ver=52.141;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3235765768;ord=x7y3hm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjzoSSL1ZaAILRvTCTKlsmVwM33pxIzL_C1SXe8dK8FpXPXxPDNMWjCptPcQKQE7STrdEmlfntbKCtaL46g6tq2jZG_lt2RartVbFXwrEXC-f72rqmOIRHwgCw9_UlqujnYfkQqOcQuBhGU9hk2XmAbwyZuLy3hCPfyB5NJGvMUP78mWFt0oZ0gFLMYmjnIqcSRozDYfpMJyBo4vytaoZKGTV6OTzu3vzU7hFvO4YQOw2yVAChhP2MAhf-vfvcQPORP0I09Q%26sai%3DAMfl-YQ1NamMeMfYb52hlyoR43uavrNsMD1wLRmSG0o6ld7WQGENBriXrk5RP-os-xPeuZ60EXGmsWYW3_s1gdwiJ45W05D_i2QN7RYpQqAYew%26sig%3DCg0ArKJSzGt8YfgjI0OZEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F$0;xdt=0;crlt=5)RjfGt4)P;osda=2;sttr=85;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

81b5838108409e0aaa8839b60332638338caaf6afa47a896011695df56a8faaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 79B3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d7d0ed0fee84fbf8ed8b911757cd973b649c6ddd9905df86708d6e2e88b244b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B22783699.254773847;dc_ver=52.141;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2625420078;ord=6hzrjs;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssr8NunHT1vaR32c3dvesBWwQQE... Show response
ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/ Frame BA75 29 KB
12 KB 76ms
76ms Script
text/javascript 172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/B22783699.254773847;dc_ver=52.141;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2625420078;ord=6hzrjs;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssr8NunHT1vaR32c3dvesBWwQQEFzN5zmJmFkf-yyTkQzdINGnJfaV6fjz5I0zXSr39vh6-MZPrnO1OXje_uG6yKyx2PQkAJJeRLQx_R7NwtwgbcVdqf7usTWHeW-EHXVqUpHe6NJmtTxSJOLZCPOj9o6ca2XOVhqLB_IOJCSVyxaiSBTnl6Mng4E6URs_bUzrgbLcx1krt9ED2wuOus5EiejxTE3L8nN8Kya6XSkYsoG_R_maG1jS3pHmXH_TmAh8P%26sai%3DAMfl-YRzs4SvOCN6FPvEIo8UkqHOXqMp5lS-Pf7xT5JagWxmUs1fcf7ByxU8Ar_uMhd3lo5GQdSXPIEuuw1_WqnJutEKqGxfxAqNdN52RQlXUA%26sig%3DCg0ArKJSzIeaa5N9nLcUEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F$0;xdt=0;crlt=5)RjfGt4)P;osda=2;sttr=51;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

b78b4a6fa8438ce4776f2b79ff7850a444b6e6a8f572d69e085d67a7010e532b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11820
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ Frame 7C2D 26 KB
12 KB 101ms
35ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1782019
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Sep 2019 23:27:23 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=17313
Connection: keep-alive
Content-Length: 11933
Expires: Tue, 17 Sep 2019 23:27:23 GMT

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 7C2D 107 B
365 B 114ms
34ms Script
text/html 18.130.64.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=21&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745529881&de=330134191562&m=0&ar=ab397f9-clean&q=2&cb=0&ym=0&cu=1568745529881&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138245072116&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1436134471&cs=0&callback=MoatSuperV26.gna254092
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.64.138 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d01d089bf68f5dabbd6416291cb9de217fe91f450dd2f76eef700a7bc64ddbd0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "d3a3d17f3a48dc976f850ebb8475e08fe986e387"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 107

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ 103 B
361 B 113ms
33ms Script
text/html 18.130.64.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=21&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745529881&de=330134191562&m=0&ar=ab397f9-clean&q=3&cb=0&ym=0&cu=1568745529881&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138245072116&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1115509928&cs=0&callback=MoatDataJsonpRequest
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.64.138 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4dfab07dcb6940901424cceb24e6622e2c52bd6953cacab9386977b17ebf3af0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "968d0648b31e7fd16b2d562b5b4fd7e1918f3ad8"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 103

GET
H2 200 B22783699.254773775;dc_ver=52.141;sz=970x250;u_sd=1;dc_adk=2294628007;ord=epbkhr;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuiRvMMyXYoaXsYz8N07j7uTPoKUXpMDetNAGi9vDUS... Show response
ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/ Frame 5EA1 30 KB
12 KB 77ms
76ms Script
text/javascript 172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N6580.150723.CBSINTERACTIVE/B22783699.254773775;dc_ver=52.141;sz=970x250;u_sd=1;dc_adk=2294628007;ord=epbkhr;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuiRvMMyXYoaXsYz8N07j7uTPoKUXpMDetNAGi9vDUSQdXoOgbGcQpLYG_lsZHqvcwygt_cWJcuWJy8Pkiapjxog-yajOGjMln-WtkbEl5sZZAq3iu6FOMVGY0t1nLlJJwRSCkGgCSvW7mfDRJbDmsBWiB1z15P801_s_qqhneYgIDV1-S-pWUEXrLIAArchMwX2fYjDCwunfkQnbhGq9BzC253-rWUFz8Ci5-LG7rLj04KSMlV7Pr63T-XHuBceJLw%26sai%3DAMfl-YRICPdU9oWQR4HBrhyLr3dFvDjj4YKy1yH-0oto0KjjXdhUTrG1zF-7LoLTpMKlJjh23wZDDuBwqBSndsBXx5_mHV2xtB_ENcFciM8tWw%26sig%3DCg0ArKJSzPJDUDHaUiaZEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F$0;xdt=0;crlt=5)RjfGt4)P;osda=2;sttr=102;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

91419194eee0c5a46ad1a14c095cf3c2624e38b2951d52b8fc9ef5793fb1c83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11863
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 79B3 106 B
364 B 97ms
27ms Script
text/html 18.130.64.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745529947&de=664148441997&m=0&ar=ab397f9-clean&q=7&cb=0&ym=0&cu=1568745529947&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=29604729%3A2535697826%3A5050413510%3A138273985938&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=943693786&cs=0&callback=MoatSuperV26.gna868636
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.64.138 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cfe299a7ca7de71498beaad92c6acff7820a996abd382f0f11d9c4206297e330

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "7f128ec37d5e2c1b828b4cf0c2d0aa77c38e0f40"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 106

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame B1C4 2 KB
1 KB 279ms
155ms Script
text/javascript 69.173.144.141
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.1792822825542777&tk_st=1&rf=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d30738c153f680effc05b06103c6619f540d1554f447542d88fa3238a8af8144

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=232
Content-Length: 916
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 9F68 106 B
364 B 30ms
26ms Script
text/html 18.130.64.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745530018&de=638898785662&m=0&ar=ab397f9-clean&q=12&cb=0&ym=0&cu=1568745530018&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatW=641&zMoatH=321&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1073007819&cs=0&callback=MoatSuperV26.gna922874
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.64.138 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f74a250a8ce82df1311be49975b1df72a66a6399cc8d1a1b29002e471eca000c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "2b7d1b89e71d231ff13b6e38d2eb615d7d01e41c"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 106

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C42 56 KB
17 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N410401.281526ZDNET/B22848860.249063861;dc_ver=52.141;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=3235765768;ord=x7y3hm;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjzoSSL1ZaAILRvTCTKlsmVwM33pxIzL_C1SXe8dK8FpXPXxPDNMWjCptPcQKQE7STrdEmlfntbKCtaL46g6tq2jZG_lt2RartVbFXwrEXC-f72rqmOIRHwgCw9_UlqujnYfkQqOcQuBhGU9hk2XmAbwyZuLy3hCPfyB5NJGvMUP78mWFt0oZ0gFLMYmjnIqcSRozDYfpMJyBo4vytaoZKGTV6OTzu3vzU7hFvO4YQOw2yVAChhP2MAhf-vfvcQPORP0I09Q%26sai%3DAMfl-YQ1NamMeMfYb52hlyoR43uavrNsMD1wLRmSG0o6ld7WQGENBriXrk5RP-os-xPeuZ60EXGmsWYW3_s1gdwiJ45W05D_i2QN7RYpQqAYew%26sig%3DCg0ArKJSzGt8YfgjI0OZEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F$0;xdt=0;crlt=5)RjfGt4)P;osda=2;sttr=85;prcl=s?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c6375668f35c7d47585591a1d0542f386d8d1067e7747e7184bb540000c75177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632680286949"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 16780
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C42 41 KB
15 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 2483
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15207
x-xss-protection: 0
expires: Wed, 16 Sep 2020 17:57:27 GMT

GET
H2 200 970x250_CDM.png
s0.2mdn.net/6357919/ Frame 7C42 22 KB
22 KB 20ms
5ms Image
image/png 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6357919/970x250_CDM.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c400e833c536c14553c64e96d837575b14c4bda6bf71984b1b5587d583fd2af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 02:07:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 May 2019 10:08:36 GMT
server: sffe
age: 59485
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 22708
x-xss-protection: 0
expires: Wed, 18 Sep 2019 02:07:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C42 0
119 B 48ms
45ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv73sPxsdPWJ3Jr9OkBgWXNfKbzdFWuva3cmmjLdX9FNwxd3QFicsS3IdPFKx6YxJhg9aif8PHS-dtlUhh-5qWTTd6K4aiJJWsCbDvKS4yi45N4seHvoEsdy629MP4t5WwLML1w21A8IA&sig=Cg0ArKJSzCN0VxQPHhzVEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame CB9D 183 KB
63 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9012
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 16:08:38 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CB9D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 2483
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15207
x-xss-protection: 0
expires: Wed, 16 Sep 2020 17:57:27 GMT

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame BA75 183 KB
64 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9012
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 16:08:38 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BA75 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 2483
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15207
x-xss-protection: 0
expires: Wed, 16 Sep 2020 17:57:27 GMT

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame 5EA1 183 KB
63 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 16:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9012
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 16:08:38 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5EA1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 17:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 2483
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15207
x-xss-protection: 0
expires: Wed, 16 Sep 2020 17:57:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 28A4 41 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1260306663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b845f2d1f90649b1f179899e2655575fe42f844a32206ae95e864c1723541acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "282 / 987 of 1000 / last-modified: 1568744087"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13148
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
DATA 200
OK truncated
/ Frame 7C42 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e43906bce3c76dbdc47d80944eb4bca86ac920ed9264f9f3e252dbcae983f80

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB9D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cdb1d0e89659dc70d362e8b83fca57781bc9b6c831ddb1986a0f21b4a130a87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BA75 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d8ee10cbd81d771ed90a9ecc88124d9ecfbcf5f5a89636e0e54f77fc4dc693c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2F32 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Tue, 17 Sep 2019 17:57:02 GMT
expires: Wed, 16 Sep 2020 17:57:02 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2508
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 7C42 107 B
365 B 28ms
27ms Script
text/html 18.130.64.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=24&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745530078&de=775609886180&m=0&ar=ab397f9-clean&q=17&cb=0&ym=0&cu=1568745530078&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4557104557%3A2594531971%3A5160351794%3A138285768966&zMoatPS=top&zMoatPT=article&zMoatW=970&zMoatH=250&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=970x250&zMoatSZPS=970x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1862530501&cs=0&callback=MoatSuperV26.gna324836
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.64.138 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-130-64-138.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c5d25e1ef877754b0808d46f35dff155c611fbcd40c4ec03344438b8fa18ca3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "c130ca8d54907e1ace7f3e2b0b240504f4c4989e"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 107

GET
DATA 200
OK truncated
/ Frame 5EA1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a3387633e45d15591d53fa26ae7681d03e5c1686837a95a9d165cbf0b1146a9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 145ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050415262&L4id=138287922418&S1id=23605329&S2id=23619609&ord=1568745530124&r=990226233695&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 145ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050415262&L4id=138287922418&S1id=23605329&S2id=23619609&ord=1568745530124&r=990226233695&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 450E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Tue, 17 Sep 2019 17:57:02 GMT
expires: Wed, 16 Sep 2020 17:57:02 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2508
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BD87 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Tue, 17 Sep 2019 17:57:02 GMT
expires: Wed, 16 Sep 2020 17:57:02 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2508
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 131ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050545514&L4id=138287513757&S1id=23605329&S2id=23619609&ord=1568745530160&r=891406096398&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=middle&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 132ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050545514&L4id=138287513757&S1id=23605329&S2id=23619609&ord=1568745530160&r=891406096398&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=middle&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/essenceukeedcmdisplay403072119649/ Frame BA75 288 KB
96 KB 45ms
44ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4527b821beb7e04c4e079373ebc7df95ebf93108ed05307b1e1e806127a61348

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Aug 2019 10:51:44 GMT
Server: AmazonS3
x-amz-request-id: D2206B11D1F8D431
ETag: "465b724804ecb5a15ca040464e0322bc"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=40963
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97786
x-amz-id-2: wErPL4N0eHWixbhVu1p1uonjotv00Q4M2NolCtf4HpTqdbFrPo4Ih/jnI71hAFSwD2wZ14W+CVI=

GET
H/1.1 200
OK event Show response
eecouk.demdex.net/ Frame BA75 42 B
783 B 152ms
44ms Script
image/gif 52.30.7.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://eecouk.demdex.net/event?d_event=imp&d_src=164555&d_placement=254773847&d_campaign=22783699&d_site=1120261&d_creative=121098204
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.7.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-7-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-08cd70d84.edge-irl1.demdex.com 5.59.0.20190904135845 11ms (+0ms)
Pragma: no-cache
X-TID: WVsIJawXR40=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA75 80 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8835d63170fc9a604877c9734b6b2f573b1a275901947b5c9d9ce645efd894e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29494
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61225247/20190912072447544/ Frame 5462 0
0 72ms
71ms Document
text/html 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61225247/20190912072447544/index.html?e=69&leftOffset=0&topOffset=0&c=4zcialji99&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61225247/20190912072447544/index.html?e=69&leftOffset=0&topOffset=0&c=4zcialji99&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
timing-allow-origin: *
content-length: 1127
date: Tue, 17 Sep 2019 18:38:50 GMT
expires: Wed, 18 Sep 2019 18:38:50 GMT
cache-control: public, max-age=86400
last-modified: Thu, 12 Sep 2019 14:24:47 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA75 0
57 B 47ms
47ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufM5a2Dw-GetSQBDduwyNDM2aA4WWxRqd-1qZ2QMQMzRGMuWn6vR-6ARP276cVYX9cl7HC9Mj6zfkKpR8XMrn7loWCZSat8fMjylwfygWk42wrM2bpzefiCyKpwryR9exgpaaQy2E4fKU&sig=Cg0ArKJSzE0hZXfd02e_EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK public.json Show response
platform-cdn.sharethrough.com/api/external/v1/placements/8ec3a4f3/ 3 KB
2 KB 134ms
44ms XHR
application/json 13.32.218.95
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-cdn.sharethrough.com/api/external/v1/placements/8ec3a4f3/public.json

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.95 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-95.fra56.r.cloudfront.net

Software

nginx/1.14.2 /

Resource Hash

dc586a3b52526c7da4aab5a7d652832306c141deae71784882d150766db361f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 13 Sep 2019 18:09:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
User-Cache-Control: no-cache, must-revalidate
Age: 459
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 1404
X-XSS-Protection: 1; mode=block
X-Request-Id: 2827141b-8124-421f-abcb-9ef118b7dcc7
X-Runtime: 0.030264
Access-Control-Allow-Origin: *
User-Header: Expires: Sat, 26 Jul 1997 05:00:00 GMT
Server: nginx/1.14.2
ETag: W/"dc586a3b52526c7da4aab5a7d6528323"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Via: 1.1 bce55e537f8dfcf0127f649d11fd1821.cloudfront.net (CloudFront)
Cache-Control: max-age=900, public
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: 0fqr7OCMN9OYyiTotRhwmE45bqC7WkP01fRNbPtzFgpi5Xiz0xC7Fg==

GET
H2 200 json Show response
trc.taboola.com/cbsinteractive-zdnet/trc/3/ 12 KB
5 KB 312ms
312ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/trc/3/json?tim=20%3A38%3A50.237&lti=deflated&data=%7B%22id%22%3A402%2C%22ii%22%3A%22%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1568745530235%2C%22cv%22%3A%2220190911-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1585%2C%22dh%22%3A7606%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22ZDNETarticleDesktop%2FTablet-Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22ZDNETarticleDesktop%2FTablet-Below%20Article%20Thumbnails%22%2C%22cd%22%3A6886.234375%2C%22mw%22%3A770%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: f9216c532e4034c6449b0fd6b3f25119cc1ac8061e4e996e2e7312a4246d9efd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1568745530.258752,VS0,VE261
status: 200
x-served-by: cache-hhn4021-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73FD 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Tue, 17 Sep 2019 17:57:02 GMT
expires: Wed, 16 Sep 2020 17:57:02 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2508
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/essenceukeedcmdisplay403072119649/ Frame CB9D 288 KB
96 KB 40ms
38ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4527b821beb7e04c4e079373ebc7df95ebf93108ed05307b1e1e806127a61348

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Aug 2019 10:51:44 GMT
Server: AmazonS3
x-amz-request-id: D2206B11D1F8D431
ETag: "465b724804ecb5a15ca040464e0322bc"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=40963
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97786
x-amz-id-2: wErPL4N0eHWixbhVu1p1uonjotv00Q4M2NolCtf4HpTqdbFrPo4Ih/jnI71hAFSwD2wZ14W+CVI=

GET
H/1.1 200
OK event Show response
eecouk.demdex.net/ Frame CB9D 42 B
782 B 152ms
50ms Script
image/gif 52.30.7.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://eecouk.demdex.net/event?d_event=imp&d_src=164555&d_placement=255232887&d_campaign=22783699&d_site=1120261&d_creative=121098198
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.7.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-7-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-01310c00a.edge-irl1.demdex.com 5.59.0.20190904135845 8ms (+1ms)
Pragma: no-cache
X-TID: Mv62TBRpR3Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB9D 80 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8835d63170fc9a604877c9734b6b2f573b1a275901947b5c9d9ce645efd894e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29494
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61234842/20190912072840302/ Frame B575 0
0 72ms
72ms Document
text/html 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61234842/20190912072840302/index.html?e=69&leftOffset=0&topOffset=0&c=5WV268Zzpz&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61234842/20190912072840302/index.html?e=69&leftOffset=0&topOffset=0&c=5WV268Zzpz&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
timing-allow-origin: *
content-length: 1141
date: Tue, 17 Sep 2019 18:38:50 GMT
expires: Wed, 18 Sep 2019 18:38:50 GMT
cache-control: public, max-age=86400
last-modified: Thu, 12 Sep 2019 14:28:40 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB9D 0
57 B 48ms
45ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucHYUZON_cpuX1PNfsVDVc6kYqIWjGh4MrWKcTScD7NjogK2onrXbzxxMJRN-5vrfBDgk715SIcTKK8M8LKTLLWm0TEgyujfpyNV3O-aFvOKcMAvFFo4_rlz5jRAwARzoPl9dPfDyo-WI&sig=Cg0ArKJSzLC3c2Y5NCupEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK event Show response
eecouk.demdex.net/ Frame 5EA1 42 B
783 B 121ms
54ms Script
image/gif 52.30.7.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://eecouk.demdex.net/event?d_event=imp&d_src=164555&d_placement=254773775&d_campaign=22783699&d_site=1120261&d_creative=121138465
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.7.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-7-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-0a38490fe.edge-irl1.demdex.com 5.59.0.20190904135845 10ms (+1ms)
Pragma: no-cache
X-TID: QaaLSaubRoo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/essenceukeedcmdisplay403072119649/ Frame 5EA1 288 KB
96 KB 40ms
39ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4527b821beb7e04c4e079373ebc7df95ebf93108ed05307b1e1e806127a61348

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Aug 2019 10:51:44 GMT
Server: AmazonS3
x-amz-request-id: D2206B11D1F8D431
ETag: "465b724804ecb5a15ca040464e0322bc"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=40963
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97786
x-amz-id-2: wErPL4N0eHWixbhVu1p1uonjotv00Q4M2NolCtf4HpTqdbFrPo4Ih/jnI71hAFSwD2wZ14W+CVI=

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EA1 80 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8835d63170fc9a604877c9734b6b2f573b1a275901947b5c9d9ce645efd894e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29494
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61226303/20190912072502532/ Frame 5206 0
0 76ms
76ms Document
text/html 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61226303/20190912072502532/index.html?e=69&leftOffset=0&topOffset=0&c=2kS920FJoa&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61226303/20190912072502532/index.html?e=69&leftOffset=0&topOffset=0&c=2kS920FJoa&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
timing-allow-origin: *
content-length: 1142
date: Tue, 17 Sep 2019 18:38:50 GMT
expires: Wed, 18 Sep 2019 18:38:50 GMT
cache-control: public, max-age=86400
last-modified: Thu, 12 Sep 2019 14:25:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5EA1 0
48 B 47ms
47ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssH0SPtsEd82Mhr6XiPxkaNEv7dUrDGQb7_dobr0r28auylVC8hOvZso14VXpQopRBGzXm9CgrQlip4Jtpkm1j7UgETmzAy4VAlCPCCvaE3rBS36PGHweFDMY4gk9taYZ3Xb-e_vJlV00g&sig=Cg0ArKJSzNrhYIQBgYrNEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 47ms
46ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050543438&L4id=138287513862&S1id=23605329&S2id=23619609&ord=1568745530269&r=762540426808&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 46ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050543438&L4id=138287513862&S1id=23605329&S2id=23619609&ord=1568745530269&r=762540426808&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 28A4 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 28A4 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 28A4 157 KB
58 KB 84ms
84ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK v4 Show response
btlr.sharethrough.com/ 5 KB
2 KB 238ms
126ms XHR
application/json 3.120.6.212
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/v4?placement_key=8ec3a4f3&campaign_key=DSQasnTB3mo5czP5yHE3kE66H1&mrid=64387590-d97a-11e9-8117-219be1c6cca7
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.6.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-6-212.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 9d6eae70cc739ecb59fc502fcdf654675c318e1bf0ec679e63d84761470ce1d2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
ETag: W/"1297-EbIH54N03G5JD024TkPHqSCMPZI"
Server: nginx/1.14.1
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2136

GET
H/1.1 200
OK butler
b.sharethrough.com/ 0
154 B 402ms
100ms Image
image/gif 3.223.151.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?type=networkImpressionRequest&pkey=8ec3a4f3&placementIndex=1&networkKey=stxnetwork&networkOrder=1&bwidth=1600&bheight=1200&byscroll=0&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Femotet-todays-most-dangerous-botnet-comes-back-to-life%252F&umtime=1568745530558&version=746-176aa931-eu&mrid=64387590-d97a-11e9-8117-219be1c6cca7&bidId=NO_BID_ID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.151.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-223-151-89.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 133ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=399&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050545514&L4id=138287513757&S1id=23605329&S2id=23619609&ord=1568745530160&r=891406096398&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=middle&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 129ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=444&fi=0&apd=446&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050415262&L4id=138287922418&S1id=23605329&S2id=23619609&ord=1568745530124&r=990226233695&t=hdn&os=1&fi2=0&div1=0&ait=221&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 130ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=4&fi=1&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=4557104557&L2id=2594531971&L3id=5160351794&L4id=138285768966&S1id=23605329&S2id=23619609&ord=1568745530078&r=775609886180&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 130ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=4&fi=1&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=4557104557&L2id=2594531971&L3id=5160351794&L4id=138285768966&S1id=23605329&S2id=23619609&ord=1568745530078&r=775609886180&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 130ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=425&fi=1&apd=429&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=4557104557&L2id=2594531971&L3id=5160351794&L4id=138285768966&S1id=23605329&S2id=23619609&ord=1568745530078&r=775609886180&t=hdn&os=1&fi2=0&div1=0&ait=211&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 130ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=327&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050543438&L4id=138287513862&S1id=23605329&S2id=23619609&ord=1568745530269&r=762540426808&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK s.js Show response
mb.moatads.com/ 207 B
465 B 168ms
62ms Script
text/html 3.9.25.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s.js?url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&confidence=2&pcode=essenceukeedcmdisplay403072119649&callback=MoatBSJsonpRequest_54105723
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.25.189 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-9-25-189.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ac54e160c68131d16f18f0cb0b14d1e55353258aabaca2c0c745fa60589b405

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: nginx
Etag: "bece5a2e1ef3c81e8e24d546eb6d2ce9abf2f244"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 207

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 111ms
36ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ESSENCE_UK_EE_DCM_DISPLAY1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745530613&de=398327156354&m=0&ar=813bf25-clean&q=38&cb=0&ym=0&cu=1568745530613&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=22783699%3A1120261%3A254773847%3A121098204&zMoatENV=j&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=zdnet.com&bd=zdnet.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essenceukeedcmdisplay403072119649&fd=1&ac=1&it=500&ti=0&ih=1&fs=170265&na=1757011298&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B1C4 67 KB
25 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.1792822825542777&tk_st=1&rf=https%3A//www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4236cb4eb3f87c386e433be2f2b627b78c3f95364f77465ebb9e959d9e83a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 25843
x-xss-protection: 0
server: cafe
etag: 16430765735156960285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK be22dbdb-c2f4-4842-959a-a54f9c22fc87
beacon-eu2.rubiconproject.com/beacon/d/ Frame B1C4 43 B
268 B 159ms
37ms Image
image/webp 69.173.144.153
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/be22dbdb-c2f4-4842-959a-a54f9c22fc87?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=15&e=6A1E40E384DA563B7286AEECBB15C36A764EF9710A013DE135DC9BAA07FD70B5CE9857A8366FE65E497FF1A1169516EF172DB22D3B21A9B5D119F1691193486294237DFE066A75DF3570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCF9657252D90587B3D83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK count-data.js Show response
zdnet-1.disqus.com/ 243 B
768 B 40ms
39ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet-1.disqus.com/count-data.js?1=4f29584f-9b66-438c-b15b-0640eecb2c31

Requested by

Host: zdnet-1.disqus.com
URL: https://zdnet-1.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

23fd50e468e335f8d26efbc1f6454743d06fd0bb80755e8ded1b2306800e8a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Age: 994
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 205
X-XSS-Protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 28A4 29 KB
7 KB 129ms
129ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1249150477884295&correlator=1015318734421151&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21062833%2C21063202%2C21063817%2C21064591&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190917&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Da%26subses%3D1%26ptype%3Darticle%26vguid%3D2deadd63-948e-47d6-8788-a047a60ccf51%7Cenv%3Dprod%26session%3Da%26subses%3D1%26ptype%3Darticle%26vguid%3D2deadd63-948e-47d6-8788-a047a60ccf51&cookie_enabled=1&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1568745530&dt=1568745530732&dlt=1568745529762&idt=962&frm=23&biw=1585&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=5m3igvll5t2f%7Cj66yt469kztc&ifi=1&ifk=3748693386&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&dssz=16&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1902066637.1568745531&ga_sid=1568745531&ga_hid=1885084423&fws=384%2C384&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

a584ab11d05df18a0b578c929247a6193fadbffd51d600dfa3f4d39ab3e3ec8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7284
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239375180,138239479696
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 28A4 62 KB
24 KB 70ms
69ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24115
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 28A4 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 45ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=699&fi=1&apd=703&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=4557104557&L2id=2594531971&L3id=5160351794&L4id=138285768966&S1id=23605329&S2id=23619609&ord=1568745530078&r=775609886180&t=nht&os=1&fi2=0&div1=0&ait=485&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 userx.20190911-24-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 41ms
41ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20190911-24-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3240c7e00ccd21fbdd141f58cb238c68bb59180a35dfb79df8bbe57e0d13b0fc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FIROvmzvTvRsNpeDMFHG0FOuavH8QxIQ
content-encoding: gzip
etag: "0a4a3b57760282f54d71c05d1bf0b50c"
age: 29
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7736
x-amz-id-2: XFlx3p8weZn+wiUlEE8ZynhUsKgBYb3vtS/VZ2l7y0XScoPeK1ALn9QstYbSXoG1vTQ9pj+omb0=
x-served-by: cache-hhn4021-HHN
last-modified: Wed, 11 Sep 2019 13:42:26 GMT
server: AmazonS3
x-timer: S1568745531.832378,VS0,VE0
date: Tue, 17 Sep 2019 18:38:50 GMT
vary: Accept-Encoding
x-amz-request-id: 07DC2D26E0B4B9D3
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 55

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B1C4 109 B
171 B 26ms
26ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B1C4 109 B
171 B 25ms
25ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/ Frame B1C4 218 KB
80 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82154
x-xss-protection: 0
server: cafe
etag: 11959035575636662538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/ Frame 2571 218 KB
80 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82154
x-xss-protection: 0
server: cafe
etag: 11959035575636662538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/ Frame 0AC7 0
0 15ms
14ms Document
text/html 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190916/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190916/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 16 Sep 2019 14:13:40 GMT
expires: Mon, 30 Sep 2019 14:13:40 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 102310
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 4DAC 0
0 124ms
40ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7616
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=78366
Expires: Wed, 18 Sep 2019 16:24:56 GMT
Date: Tue, 17 Sep 2019 18:38:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/sharethroughv2465247317527/ 288 KB
96 KB 37ms
37ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/sharethroughv2465247317527/moatad.js?moatClientLevel1=2ac18247&moatClientLevel2=DSQasnTB3mo5czP5yHE3kE66H1&moatClientLevel3=sfp-DSLY5QiXAsXVXyVmDKFNvksoZz&moatClientLevel4=DSFtXKkiaqXteD5VgQnNspHWdB&moatClientSlicer1=aec2767996d7a4df64f4df7e&moatClientSlicer2=8ec3a4f3&zMoatDSP=sfp&zMoatURLFunc=str-third-party-sfp-DSLY5QiXAsXVXyVmDKFNvksoZz-8ec3a4f3-1&zMoatIsInView=str-visibility-sfp-DSLY5QiXAsXVXyVmDKFNvksoZz-8ec3a4f3-1&zMoatTimeInView=str-time-sfp-DSLY5QiXAsXVXyVmDKFNvksoZz-8ec3a4f3-1
Requested by: Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 26483e9b516dc3f54cb5c0c9da80606d9e4c30fe419bcbaf1b516f9954bc0ccf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Aug 2019 20:18:37 GMT
Server: AmazonS3
x-amz-request-id: 069A3F531460826A
ETag: "504bc41681b08e6dcd821e2f7456648a"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41187
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98217
x-amz-id-2: nrK0wYmND2Nf5nYmBnTaTQYtX7AMGuq82H52jREK09gGfOlpoIRzeqNQvydsgy/u2NfdpEYVvmU=

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/ 64 KB
64 KB 201ms
201ms Image
text/html 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Requested by

Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Sep 2019 17:21:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:51 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 9efc2b2d-1045-479d-a9a6-026752a50932
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
x-akamai-transformed: 9 - 0 pmb=mTOE,4
expires: Tue, 17 Sep 2019 18:51:12 GMT

GET
H2 200 native.JPG
str-assets.imgix.net/creative_workflow/creative_thumbnails/427124/images/original/ 6 KB
6 KB 173ms
153ms Image
image/webp 2a04:4e42:1b::720
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://str-assets.imgix.net/creative_workflow/creative_thumbnails/427124/images/original/native.JPG?w=170&h=89&auto=format&fit=crop&dpr=1&auto=format

Requested by

Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix /

Resource Hash

a7c68e6285a6b129d697f9a220220e02e0ecd8969b8aa57e2ddeb057d3841490

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2019 18:14:59 GMT
server: imgix
age: 1433
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=600
x-imgix-id: 92e3934c8c1ff8e9d00d522f34370856403b01e7
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6170
x-served-by: cache-lax8633-LAX, cache-hhn4032-HHN

GET
H/1.1 200
OK butler
b.sharethrough.com/ 0
154 B 176ms
102ms Image
image/gif 3.223.151.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?type=impressionReceived&pkey=8ec3a4f3&placementIndex=1&ckey=sfp-DSLY5QiXAsXVXyVmDKFNvksoZz&vkey=DSFtXKkiaqXteD5VgQnNspHWdB&arid=d946daa71-97df-499e-a9ab-75568ecd48b3&awid=fb0be6c6-cefe-40ec-a4d3-bcce539e562e&renderOffset=0&bootTime=1170.34&benchmarkBoot=2978.9900006726384&responseTime=310&butlerLatency=310.69499999284744&bwidth=1600&bheight=1200&byscroll=0&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Femotet-todays-most-dangerous-botnet-comes-back-to-life%252F&umtime=1568745530870&version=746-176aa931-eu&mrid=64387590-d97a-11e9-8117-219be1c6cca7&bidId=NO_BID_ID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.151.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-223-151-89.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:51 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H/1.1 200
OK butler
b.sharethrough.com/ 0
154 B 278ms
101ms Image
image/gif 3.223.151.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?bwidth=1600&bheight=1200&pwidth=770&pheight=131&pxoff=208&pyoff=2810&pkey=8ec3a4f3&ckey=sfp-DSLY5QiXAsXVXyVmDKFNvksoZz&tkey=bqSbBKSUnnhMPViET2buaJ7u&vkey=DSFtXKkiaqXteD5VgQnNspHWdB&arid=d946daa71-97df-499e-a9ab-75568ecd48b3&awid=fb0be6c6-cefe-40ec-a4d3-bcce539e562e&sourceId=sfp&renderInPlace=false&placementIndex=1&twidth=170&theight=89&action=clickout&isVast=false&renderOffset=0&renderLatency=328.770000487566&type=impression&byscroll=0&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Femotet-todays-most-dangerous-botnet-comes-back-to-life%252F&umtime=1568745530887&version=746-176aa931-eu&mrid=64387590-d97a-11e9-8117-219be1c6cca7&bidId=NO_BID_ID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.151.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-223-151-89.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:51 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H2 204 social
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
195 B 47ms
46ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/social?route=AM:AM:V&lti=deflated&ri=94d424fe4da67a88dc32de5ad60f8249&sd=v2_2a760d474cb939c5eca3b20f4ceb7d19_01b05eb3-b1e4-413f-88d4-146efaa2c788-tuct47aadba_1568745530_1568745530_CNawjgYQzro_GPvGlITULSABKAEwTTin8g1AsI0QSOe-HlC9tTJYAWAA&pi=/article/emotet-todays-most-dangerous-botnet-comes-back-to-life&wi=4189212775641716614&pt=text&vi=1568745530235&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-link%22%2C%22nm%22%3A%22twitter%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22widget%22%2C%22nm%22%3A%22twitter%22%2C%22c%22%3A6%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%22%22%2C%22img%22%3A%22%22%2C%22v%22%3A13%7D%5D%7D&tim=20%3A38%3A50.889&id=4855&llvl=1&cv=20190911-24-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568745531.910954,VS0,VE9
x-served-by: cache-hhn4021-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 social
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
121 B 46ms
46ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/social?route=AM:AM:V&lti=deflated&ri=94d424fe4da67a88dc32de5ad60f8249&sd=v2_2a760d474cb939c5eca3b20f4ceb7d19_01b05eb3-b1e4-413f-88d4-146efaa2c788-tuct47aadba_1568745530_1568745530_CNawjgYQzro_GPvGlITULSABKAEwTTin8g1AsI0QSOe-HlC9tTJYAWAA&pi=/article/emotet-todays-most-dangerous-botnet-comes-back-to-life&wi=4189212775641716614&pt=text&vi=1568745530235&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A362%2C%22ly%22%3A413%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=20%3A38%3A50.890&id=8587&llvl=1&cv=20190911-24-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568745531.910924,VS0,VE8
x-served-by: cache-hhn4021-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 social
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
54 B 46ms
46ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/social?route=AM:AM:V&lti=deflated&ri=94d424fe4da67a88dc32de5ad60f8249&sd=v2_2a760d474cb939c5eca3b20f4ceb7d19_01b05eb3-b1e4-413f-88d4-146efaa2c788-tuct47aadba_1568745530_1568745530_CNawjgYQzro_GPvGlITULSABKAEwTTin8g1AsI0QSOe-HlC9tTJYAWAA&pi=/article/emotet-todays-most-dangerous-botnet-comes-back-to-life&wi=4189212775641716614&pt=text&vi=1568745530235&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-link%22%2C%22nm%22%3A%22twitter%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A670%2C%22ly%22%3A413%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=20%3A38%3A50.890&id=8959&llvl=1&cv=20190911-24-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568745531.910945,VS0,VE9
x-served-by: cache-hhn4021-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 available Show response
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
82 B 46ms
46ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568745531.918694,VS0,VE9
x-served-by: cache-hhn4021-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 36705651170b1a00587d64d584ad7fd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
9 KB 39ms
38ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36705651170b1a00587d64d584ad7fd9.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 38ac677259acf6e4ab4f2c6ae18c0e5736e28e7c0f5bd4f3275f9cf7060a5c2c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1759791
edge-cache-tag: 405506049484672556970173829928655332151,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 08 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36705651170b1a00587d64d584ad7fd9.jpg
content-length: 9036
x-served-by: cache-hhn4067-HHN, cache-hhn4021-HHN
last-modified: Thu, 08 Aug 2019 03:02:56 GMT
server: cloudinary
x-timer: S1568745531.925381,VS0,VE0
etag: "8de99b0ed1ace1eb0df8547cd4f815cd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 201906271700079201_birthcert.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/ 27 KB
27 KB 39ms
39ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6fd389bc57a3f801c93b2e616ed078169e90fc0875c166c044eea31874972b86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 179632
edge-cache-tag: 516714403944199811404806462690498596545,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
content-length: 27566
x-served-by: cache-hhn4037-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 15:45:31 GMT
server: cloudinary
x-timer: S1568745531.952961,VS0,VE2
etag: "93158460c3ec78d19c15d1c63e3f0b40"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 fcbc9e3f309b8f8e7e17552351a0afc2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 55ms
53ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcbc9e3f309b8f8e7e17552351a0afc2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bfd599ee1f86c272e87264dd3c4212359b55961c8765ebaa00c56f66470be5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1546890
edge-cache-tag: 432106443340093673500684119394127610470,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcbc9e3f309b8f8e7e17552351a0afc2.jpg
content-length: 5735
x-served-by: cache-hhn4047-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 20:18:48 GMT
server: cloudinary
x-timer: S1568745531.959842,VS0,VE1
etag: "ed0b0d0ae0544f72f2bdefb2d18d64e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 153d1219-ab16-4738-a397-7ac38d7aa8c8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/caw-uploads/ 9 KB
9 KB 54ms
52ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/caw-uploads/153d1219-ab16-4738-a397-7ac38d7aa8c8.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3115fefaa6ca69c5e4b9348eeb09b6c8d2c447a2585069a8611313de0d8cd9b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2048142
edge-cache-tag: 562745226484170933798080233422305021973,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 17 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/caw-uploads/153d1219-ab16-4738-a397-7ac38d7aa8c8.png
content-length: 8850
x-served-by: cache-hhn4045-HHN, cache-hhn4021-HHN
last-modified: Sat, 17 Aug 2019 18:02:38 GMT
server: cloudinary
x-timer: S1568745531.959828,VS0,VE1
etag: "ca2f33dc3cfa50453156d5dd849840cf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 ec9c7b25-b5fa-4f0c-bcc7-30d98bf5d4f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/ec/ 22 KB
22 KB 55ms
53ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/ec/ec9c7b25-b5fa-4f0c-bcc7-30d98bf5d4f1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4e12f8f802c581205b51d331d2c8109bbc078201451771004bc909b68ce31bca

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1763040
edge-cache-tag: 518885605217764317005711606514604109049,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 28 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/ec/ec9c7b25-b5fa-4f0c-bcc7-30d98bf5d4f1.jpg
content-length: 22508
x-served-by: cache-hhn4027-HHN, cache-hhn4021-HHN
last-modified: Wed, 28 Aug 2019 08:54:20 GMT
server: cloudinary
x-timer: S1568745531.959843,VS0,VE1
etag: "6eb46f37bb227fd6266989b087d3f4c0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 demo2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/ 13 KB
14 KB 52ms
52ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5d571ac4ffe7f33b48a9bcd9b20647658982b7901f2f268ecc075a0e5d9b27c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 736616
edge-cache-tag: 574880663819506811546297298753132946098,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 10 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
content-length: 13452
x-served-by: cache-hhn4078-HHN, cache-hhn4021-HHN
last-modified: Sat, 10 Aug 2019 21:02:47 GMT
server: cloudinary
x-timer: S1568745531.964497,VS0,VE1
etag: "6e848f3340f1fd553796de39cfb4aa3f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 She%2520Went%2520Too%2520Far%2520With%2520This%2520Revealing%2520Dress%252C%252C.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.articlesvally.comworld... 16 KB
16 KB 40ms
40ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.articlesvally.comworldwideoscar-dresses/She%2520Went%2520Too%2520Far%2520With%2520This%2520Revealing%2520Dress%252C%252C.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7b3098678b479ec0d9c6716af95d4d645cf42162d65de8067d2a8068e99d2874

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1972007
edge-cache-tag: 504561563630864332784854144404228134057,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 23 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.articlesvally.comworldwideoscar-dresses/She%2520Went%2520Too%2520Far%2520With%2520This%2520Revealing%2520Dress%252C%252C.png
content-length: 16159
x-served-by: cache-hhn4050-HHN, cache-hhn4021-HHN
last-modified: Fri, 23 Aug 2019 18:29:31 GMT
server: cloudinary
x-timer: S1568745531.982570,VS0,VE1
etag: "eb83262e5f8ceb122a590a7cbcc16ec7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 iStock-476018262_1000x600_7fa4c910efc99f00b7c27af88088ad28.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a54d8613-525c-43e2-bfbe-4a5d2fb48335/ 10 KB
10 KB 39ms
38ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a54d8613-525c-43e2-bfbe-4a5d2fb48335/iStock-476018262_1000x600_7fa4c910efc99f00b7c27af88088ad28.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aa5ed4ff4e8496dd27def7febbed2608fb9bbad340665fb316e2680695873019

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2047289
edge-cache-tag: 327211753775464028678123440247850361999,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 05 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a54d8613-525c-43e2-bfbe-4a5d2fb48335/iStock-476018262_1000x600_7fa4c910efc99f00b7c27af88088ad28.png
content-length: 10065
x-served-by: cache-hhn4020-HHN, cache-hhn4021-HHN
last-modified: Mon, 05 Aug 2019 08:07:04 GMT
server: cloudinary
x-timer: S1568745531.995747,VS0,VE1
etag: "b4239eaebdbe6e6e012b6aea53c1599d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 358ms
356ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Fs0.2mdn.net%2Fads%2Frichmedia%2Fstudio%2Fpv2%2F61225247%2F20190912072447544%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D4zcialji99%26t%3D1%26renderingType%3D2&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530613&de=398327156354&cu=1568745530613&m=57&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7606&le=1&lf=0&lg=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=22783699%3A1120261%3A254773847%3A121098204&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=148403098&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
DATA 200
OK truncated
/ Frame B1C4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9a64e9d9b930d8235d699f805ed4768676e3e1ef5099032104186d2c5a510c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9F3D 0
254 B 47ms
47ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunjTh0FfTjobzfPxECCxczEMyagt-9WQ18Y2k2U7Ma18XxhXPeLCg1WEc6zisYJ0dkTOs5BW8akTUWskyN2Pg5sZ83ZgFtzYtGk9MNe6wSq5swX2s3wafsGhgXyvrpyYzMaPUEaWA85LG0zrXztMgKCk0yPlwfYsplRL1xUpGMWFHsiIZMsV67bGK_TTopE-KAxb40xhi3bmGF3bVT6z7XCeB1nKTfd1cn3V4PHEgOSAfeVfjsZy9eZ8-fW1C7PkWv5G1J1kV4&sai=AMfl-YSqcM7R_ayVdG17m_YrFuQWXF2BGC-KyoQSGOywT5HSuM92VuzCKivrQ2NwQMmze3jFirTaM-D-8FBGmdHUxtnzXHoGIEb_aDFHC2IcQA&sig=Cg0ArKJSzEIU8rGnFvf0EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F3D 78 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 9F3D 307 KB
103 KB 36ms
36ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41066
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame C0B5 0
254 B 44ms
43ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7QlXBzZYIpSn7452fAS_wozXv1DaJnANCMMV8FBXoSKtVcTN6f9pVonZNo8mI3nvWUgZeASOmTNfR-mv2-ISt8Uojf20ggrPT7ekwuvzeyZFKsKTEjNEuN-rJrHvpQcmgxgooYGoK8_bspjgH_S-pC9ZJ-30gHDUJA5vQhpHp0rBELjXJpJIT9t_RDtmYGYMLU0IOz1eWgZ8zJenyREUItvBHPm7_jYvtzQbf87D6GP4Ut2TpGGw_k-5w_oodUOFTxiYhp7yN&sai=AMfl-YSbjcXEJpCr0a_268tLlhraN4-0JnkT5sfkkXbjErDlF-yIJ7mLw71EcRvyU0ok3yQFjpqEvGkGzfEGdP4hwTjNyBK1cz5tMxmBBf7wQQ&sig=Cg0ArKJSzGNpJV4Uob9DEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 18:38:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0B5 78 KB
29 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29651
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:50 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame C0B5 307 KB
103 KB 40ms
40ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=41066
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28A4 77 KB
29 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:51 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 100 B
780 B 103ms
37ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: dd9d61a6981817359f9429d8f5e8fa4752da39a18cda2b528e633b9174a01af0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 155ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 154ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 155ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=bs&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 156ms
45ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=meas&os=1&fi2=0&div1=0&ait=0&bedc=1&q=1&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 156ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=nht&os=1&fi2=0&div1=0&ait=0&bedc=1&q=2&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 145ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=bs&os=1&fi2=0&div1=0&ait=0&bedc=1&q=3&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 49ms
48ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 49ms
47ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 48ms
47ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=bs&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 48ms
47ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=256&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 49ms
48ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=250&fi=0&apd=251&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=hdn&os=1&fi2=0&div1=0&ait=124&bedc=1&q=4&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 136ms
45ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568745531051&r=86978328756&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 104ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568745531051&r=86978328756&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BD60 0
0 256ms
256ms Document
text/html 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=1742708721&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&ea=0&flash=0&wgl=1&dt=1568745530820&bpp=15&bdt=1081&fdt=254&idt=254&shv=r20190916&cbv=r20190131&saldr=sa&correlator=3451259352070&frm=23&ife=5&pv=2&ga_vid=1326555442.1568745531&ga_sid=1568745531&ga_hid=166527605&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=18&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3523&biw=1585&bih=1200&isw=300&ish=250&ifk=3897452198&scr_x=0&scr_y=0&eid=21064339%2C21064505&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dvobn4d90bco&fsb=1&dtd=270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=1742708721&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&ea=0&flash=0&wgl=1&dt=1568745530820&bpp=15&bdt=1081&fdt=254&idt=254&shv=r20190916&cbv=r20190131&saldr=sa&correlator=3451259352070&frm=23&ife=5&pv=2&ga_vid=1326555442.1568745531&ga_sid=1568745531&ga_hid=166527605&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=18&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3523&biw=1585&bih=1200&isw=300&ish=250&ifk=3897452198&scr_x=0&scr_y=0&eid=21064339%2C21064505&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dvobn4d90bco&fsb=1&dtd=270
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmLL_fA7Fx1Mu4qcoz_MAy24aIkUkqglmbJ0EOfJI1YOFaubeg11EwV93D_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Sep 2019 18:38:51 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1C4 77 KB
29 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190916/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK butler
b.sharethrough.com/ 0
154 B 142ms
141ms Image
image/gif 3.223.151.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?bwidth=1600&bheight=1200&pwidth=770&pheight=131&pxoff=208&pyoff=2810&pkey=8ec3a4f3&ckey=sfp-DSLY5QiXAsXVXyVmDKFNvksoZz&tkey=bqSbBKSUnnhMPViET2buaJ7u&vkey=DSFtXKkiaqXteD5VgQnNspHWdB&arid=d946daa71-97df-499e-a9ab-75568ecd48b3&awid=fb0be6c6-cefe-40ec-a4d3-bcce539e562e&sourceId=sfp&renderInPlace=false&placementIndex=1&twidth=170&theight=89&action=clickout&isVast=false&responseTime=59.92500018328428&type=moatLatency&byscroll=0&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Femotet-todays-most-dangerous-botnet-comes-back-to-life%252F&umtime=1568745531157&version=746-176aa931-eu&mrid=64387590-d97a-11e9-8117-219be1c6cca7&bidId=NO_BID_ID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.151.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-223-151-89.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:51 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 49ms
48ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=405&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 86ms
49ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=703&tet=1085&fi=1&apd=1089&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=4557104557&L2id=2594531971&L3id=5160351794&L4id=138285768966&S1id=23605329&S2id=23619609&ord=1568745530078&r=775609886180&t=iv&os=1&fi2=0&div1=1&ait=871&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
740 B 42ms
41ms Image
image/png 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 11443
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4021-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1568745531.279713,VS0,VE0
date: Tue, 17 Sep 2019 18:38:51 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 47
x-cache-hits: 21319

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 47ms
47ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=738&tet=1078&fi=0&apd=1080&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050415262&L4id=138287922418&S1id=23605329&S2id=23619609&ord=1568745530124&r=990226233695&t=iv&os=1&fi2=0&div1=1&ait=855&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 88ms
50ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=50&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050413510&L4id=138273985938&S1id=23605329&S2id=23619609&ord=1568745529947&r=664148441997&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 88ms
49ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=50&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050413510&L4id=138273985938&S1id=23605329&S2id=23619609&ord=1568745529947&r=664148441997&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36705651170b1a00587d64d584ad7fd9.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 38ac677259acf6e4ab4f2c6ae18c0e5736e28e7c0f5bd4f3275f9cf7060a5c2c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1759791
edge-cache-tag: 405506049484672556970173829928655332151,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 08 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36705651170b1a00587d64d584ad7fd9.jpg
content-length: 9036
x-served-by: cache-hhn4067-HHN, cache-hhn4021-HHN
last-modified: Thu, 08 Aug 2019 03:02:56 GMT
server: cloudinary
x-timer: S1568745531.295545,VS0,VE0
etag: "8de99b0ed1ace1eb0df8547cd4f815cd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6fd389bc57a3f801c93b2e616ed078169e90fc0875c166c044eea31874972b86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 179632
edge-cache-tag: 516714403944199811404806462690498596545,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
content-length: 27566
x-served-by: cache-hhn4037-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 15:45:31 GMT
server: cloudinary
x-timer: S1568745531.316654,VS0,VE0
etag: "93158460c3ec78d19c15d1c63e3f0b40"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcbc9e3f309b8f8e7e17552351a0afc2.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bfd599ee1f86c272e87264dd3c4212359b55961c8765ebaa00c56f66470be5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1546890
edge-cache-tag: 432106443340093673500684119394127610470,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcbc9e3f309b8f8e7e17552351a0afc2.jpg
content-length: 5735
x-served-by: cache-hhn4047-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 20:18:48 GMT
server: cloudinary
x-timer: S1568745531.316601,VS0,VE0
etag: "ed0b0d0ae0544f72f2bdefb2d18d64e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/caw-uploads/153d1219-ab16-4738-a397-7ac38d7aa8c8.png
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3115fefaa6ca69c5e4b9348eeb09b6c8d2c447a2585069a8611313de0d8cd9b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 2048142
edge-cache-tag: 562745226484170933798080233422305021973,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 17 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//storage.googleapis.com/caw-uploads/153d1219-ab16-4738-a397-7ac38d7aa8c8.png
content-length: 8850
x-served-by: cache-hhn4045-HHN, cache-hhn4021-HHN
last-modified: Sat, 17 Aug 2019 18:02:38 GMT
server: cloudinary
x-timer: S1568745531.322631,VS0,VE0
etag: "ca2f33dc3cfa50453156d5dd849840cf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/ec/ec9c7b25-b5fa-4f0c-bcc7-30d98bf5d4f1.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4e12f8f802c581205b51d331d2c8109bbc078201451771004bc909b68ce31bca

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1763040
edge-cache-tag: 518885605217764317005711606514604109049,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 28 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/ec/ec9c7b25-b5fa-4f0c-bcc7-30d98bf5d4f1.jpg
content-length: 22508
x-served-by: cache-hhn4027-HHN, cache-hhn4021-HHN
last-modified: Wed, 28 Aug 2019 08:54:20 GMT
server: cloudinary
x-timer: S1568745531.322680,VS0,VE0
etag: "6eb46f37bb227fd6266989b087d3f4c0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/essenceukeedcmdisplay403072119649/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5d571ac4ffe7f33b48a9bcd9b20647658982b7901f2f268ecc075a0e5d9b27c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 736616
edge-cache-tag: 574880663819506811546297298753132946098,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 10 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
content-length: 13452
x-served-by: cache-hhn4078-HHN, cache-hhn4021-HHN
last-modified: Sat, 10 Aug 2019 21:02:47 GMT
server: cloudinary
x-timer: S1568745531.327164,VS0,VE0
etag: "6e848f3340f1fd553796de39cfb4aa3f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.articlesvally.comworldwideoscar-dresses/She%2520Went%2520Too%2520Far%2520With%2520This%2520Revealing%2520Dress%252C%252C.png
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7b3098678b479ec0d9c6716af95d4d645cf42162d65de8067d2a8068e99d2874

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1972007
edge-cache-tag: 504561563630864332784854144404228134057,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 23 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.articlesvally.comworldwideoscar-dresses/She%2520Went%2520Too%2520Far%2520With%2520This%2520Revealing%2520Dress%252C%252C.png
content-length: 16159
x-served-by: cache-hhn4050-HHN, cache-hhn4021-HHN
last-modified: Fri, 23 Aug 2019 18:29:31 GMT
server: cloudinary
x-timer: S1568745531.377018,VS0,VE0
etag: "eb83262e5f8ceb122a590a7cbcc16ec7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a54d8613-525c-43e2-bfbe-4a5d2fb48335/iStock-476018262_1000x600_7fa4c910efc99f00b7c27af88088ad28.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aa5ed4ff4e8496dd27def7febbed2608fb9bbad340665fb316e2680695873019

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 2047289
edge-cache-tag: 327211753775464028678123440247850361999,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 05 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a54d8613-525c-43e2-bfbe-4a5d2fb48335/iStock-476018262_1000x600_7fa4c910efc99f00b7c27af88088ad28.png
content-length: 10065
x-served-by: cache-hhn4020-HHN, cache-hhn4021-HHN
last-modified: Mon, 05 Aug 2019 08:07:04 GMT
server: cloudinary
x-timer: S1568745531.377096,VS0,VE0
etag: "b4239eaebdbe6e6e012b6aea53c1599d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7C42 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi45w3QSKqK4ZZUaWaKqorUVSSRKlV6XH-J6jx3y2P0325TXULW4hkEMdG_sPe3_B14Rl3MCYhDQKnj7nfH41IdGArXzTYI_dkZs966LU&sig=Cg0ArKJSzFX_vsIoLEnXEAE&adk=3751347389&tt=-1&bs=1585%2C1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&p=393,308,643,1278&cm=1&mcvt=1001&rs=3&ht=0&tfs=135&tls=1136&mc=1&lte=1&bas=0&bac=0&met=3&la=1&avms=nio&exg=1&md=2&lm=2&xdi=0&ps=1585%2C8270&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-1-5-3-4-4-0-0-0&tvt=1134&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&r=v&id=osdim&vs=4&za&uc=5&upc=1&tgt=DIV&cl=1&lop=1&tslp=772&cec=2&clc=1&cac=1&cd=0x0&itpl=19&v=20190916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7C42 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNVClwhifzM7-AXTuorgeCXEW9vDi3weE735nd4O463LZ_VXlfxwcU1_KZ8N-MfDab6qC45fN9BNCFv4NWXmo&sig=Cg0ArKJSzK_NW-c1ux3WEAE&adk=3751347389&tt=-1&bs=1585%2C1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&p=393,308,643,1278&cm=1&mcvt=1001&rs=3&ht=0&tfs=135&tls=1136&mc=1&lte=1&bas=0&bac=0&met=3&la=1&avms=nio&exg=1&md=2&lm=2&xdi=0&ps=1585%2C8270&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-1-5-3-4-4-0-0-0&tvt=1134&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&r=v&id=osdim&vs=4&za&uc=5&upc=1&tgt=DIV&cl=1&lop=1&tslp=772&cec=2&clc=1&cac=1&cd=0x0&itpl=19&v=20190916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 44ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=336&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568745531051&r=86978328756&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 58ms
57ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=386&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29604729&L2id=2535697826&L3id=5050413510&L4id=138273985938&S1id=23605329&S2id=23619609&ord=1568745529947&r=664148441997&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=2deadd63-948e-47d6-8788-a047a60ccf51&zMoatCURL=zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CB9D 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcCZVXfNrBt540XLZ5im5-17wQgVZWGrLyk8ZKjMuYfJZncJ3B-gnCapXVER8T4lcm74MJ0_KL2UmVOOBhJaZS_OrNmTe3kdWTBFG3P0c&sig=Cg0ArKJSzPi1qNsyT2giEAE&adk=3131194116&tt=-1&bs=1585%2C1200&mtos=0,1174,1174,1174,1174&tos=0,1174,0,0,0&p=673,1043,1273,1343&cm=1&mcvt=1174&rs=0&ht=0&tfs=193&tls=1367&mc=0.87&lte=1&bas=0&bac=0&met=3&avms=nio&exg=1&md=2&lm=2&rst=1568745529694&dlt=0&rpt=358&isd=0&msd=0&xdi=0&ps=1585%2C8270&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-0-7-3-6-6-0-0-0&tvt=1365&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&r=v&id=osdim&vs=4&za&uc=7&upc=1&tgt=DIV&cl=1&lop=1&tslp=493&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CB9D 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8T_50XRzP59isHYQlcRwfmP4ljdqzbq0vzYmxiMVTF_3lcLv_PBRs1ZBmbTlgauTROQngqdmlRVgGViF9iiKgWw&sig=Cg0ArKJSzOw8_UPzF9gDEAE&adk=3131194116&tt=-1&bs=1585%2C1200&mtos=0,1174,1174,1174,1174&tos=0,1174,0,0,0&p=673,1043,1273,1343&cm=1&mcvt=1174&rs=0&ht=0&tfs=193&tls=1367&mc=0.87&lte=1&bas=0&bac=0&met=3&avms=nio&exg=1&md=2&lm=2&rst=1568745529694&dlt=0&rpt=358&isd=0&msd=0&xdi=0&ps=1585%2C8270&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-0-7-3-6-6-0-0-0&tvt=1365&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&r=v&id=osdim&vs=4&za&uc=7&upc=1&tgt=DIV&cl=1&lop=1&tslp=494&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/variation/var-8bfb225b-f103-49ab-955c-32d3183cf24c/ 7 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/variation/var-8bfb225b-f103-49ab-955c-32d3183cf24c/settings.js?cb=637040096056673955
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe074214a9c301f8c3ba319d4bab7cba8d65164dcc2077272a9cacedf8941ae2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:51 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2VqL9ACwktkYsY/Ec2Z++Q==
age: 332598
cf-polished: origSize=7074
status: 200
last-modified: Fri, 13 Sep 2019 22:13:16 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 66634b7c-b01e-0112-5480-6a2788000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 517d3314e9978c74-VIE
expires: Wed, 16 Sep 2020 18:38:51 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 5AD0 200 KB
27 KB 21ms
21ms Script
application/javascript 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637040096056673955
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f3de772fc88b09b9f866de6d38f50d8716aecc446bb10456585f61834ae2c8

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:51 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DPY02gsPpNVzBSyytYwMZw==
age: 332657
cf-polished: origSize=326600
status: 200
last-modified: Fri, 13 Sep 2019 22:13:25 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 6587d795-601e-0132-2280-6a4b44000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 517d3314f9ac8c74-VIE
expires: Wed, 16 Sep 2020 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 36ms
35ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ESSENCE_UK_EE_DCM_DISPLAY1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745530684&de=764739222998&m=0&ar=813bf25-clean&q=41&cb=0&ym=0&cu=1568745530684&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=22783699%3A1120261%3A255232887%3A121098198&zMoatENV=j&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=zdnet.com&bd=zdnet.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essenceukeedcmdisplay403072119649&fd=1&ac=1&it=500&ti=0&ih=1&fs=170265&na=2097783259&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 59ms
35ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Fs0.2mdn.net%2Fads%2Frichmedia%2Fstudio%2Fpv2%2F61234842%2F20190912072840302%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D5WV268Zzpz%26t%3D1%26renderingType%3D2&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530684&de=764739222998&cu=1568745530684&m=15&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7606&le=1&lf=0&lg=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A-%3A-&as=0&ag=2&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=88&pf=0&ib=1&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=22783699%3A1120261%3A255232887%3A121098198&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=1195874229&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5AD0 783 B
440 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637040096056673955

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Sep 2019 18:38:51 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 17 Sep 2019 18:38:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 351ms
350ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ESSENCE_UK_EE_DCM_DISPLAY1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568745530763&de=184510489852&m=0&ar=813bf25-clean&q=44&cb=0&ym=0&cu=1568745530763&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=22783699%3A1120261%3A254773775%3A121138465&zMoatENV=j&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&bo=zdnet.com&bd=zdnet.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essenceukeedcmdisplay403072119649&fd=1&ac=1&it=500&ti=0&ih=1&fs=170265&na=667498410&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H2 200 fancybox_sprite.png
cdn.jsdelivr.net/fancybox/2.1.5/ 1 KB
1 KB 7ms
7ms Image
image/png 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/fancybox/2.1.5/fancybox_sprite.png

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
status: 200
etag: W/"552-F98Z+XYo53vgnDUr8nQl+uokglE"
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
date: Tue, 17 Sep 2019 18:38:51 GMT
accept-ranges: bytes
timing-allow-origin: *
content-length: 1362
x-served-by: cache-ams21020-AMS, cache-hhn4048-HHN

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ Frame 5AD0 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637040096062454060

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Raleway
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 18:08:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 1211416
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13428
x-xss-protection: 0
expires: Wed, 02 Sep 2020 18:08:35 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 45ms
44ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=935&tet=1209&fi=0&apd=1210&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=iv&os=1&fi2=0&div1=1&ait=1083&bedc=1&q=5&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:51 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:51 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 38ms
38ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Fs0.2mdn.net%2Fads%2Frichmedia%2Fstudio%2Fpv2%2F61226303%2F20190912072502532%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D2kS920FJoa%26t%3D1%26renderingType%3D2&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530763&de=184510489852&cu=1568745530763&m=11&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7606&le=1&lf=0&lg=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=22783699%3A1120261%3A254773775%3A121138465&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=704149481&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:52 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:52 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 39ms
39ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530684&de=764739222998&cu=1568745530684&m=1215&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8270&le=1&lf=0&lg=1&lh=34&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&as=1&ag=1209&an=2&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1209&kw=935&aj=1&pg=88&pf=88&ib=1&cc=1&bw=1209&bx=2&ci=1209&jz=935&dj=1&aa=1&ad=1083&cn=0&gk=0&gl=0&ik=0&co=1083&cp=935&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=935&cd=3&ah=935&am=3&rf=0&re=1&ft=1083&fv=0&fw=1083&wb=1&cl=0&at=0&d=22783699%3A1120261%3A255232887%3A121098198&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=1725657561&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:52 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:52 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
323 B 16ms
15ms Image
image/gif 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1568745532390&h=www.zdnet.com&e=i&u=40913&b=193988&v=2544&s=2836
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Sep 2019 18:38:52 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 992259
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 517d33197dba8c74-VIE
cf-bgj: imgq:85

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ Frame 7C2D 793 B
1 KB 108ms
42ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50070&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&pv=1568745530064_ksvmcwukh&bl=en-us&cb=7110252&return=&ht=&d=&dc=&si=1568745530064_ksvmcwukh&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1782019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 950ce64ffdbf507d05cdde79fb4b8fb07e6d8638b6449c5ddf7230a95dc1df03

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 484
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 7C2D 20 B
698 B 383ms
180ms Script
application/javascript 35.175.13.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1782019
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1782019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.13.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-175-13-58.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 138
Expires: Wed, 18 Sep 2019 18:38:53 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7C2D
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151498354675946&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151498354675946%26eid=50056
https://ml314.com/csync.ashx?fp=mhmBvQ99999fK%2Fa5&person_id=5978151498354675946&eid=50056

43 B
312 B

58ms
36ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=mhmBvQ99999fK%2Fa5&person_id=5978151498354675946&eid=50056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:53 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=mhmBvQ99999fK%2Fa5&person_id=5978151498354675946&eid=50056
Date: Tue, 17 Sep 2019 18:38:53 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 9b47
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7C2D
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151498354675946
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5ODM1NDY3NTk0NhAAGg0IvdCE7AUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=&person_id=5978151498354675946&eid=50082

43 B
312 B

34ms
34ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=&person_id=5978151498354675946&eid=50082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:53 GMT

Redirect headers

date: Tue, 17 Sep 2019 18:38:53 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=&person_id=5978151498354675946&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7C2D
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498354675946%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151498354675946%26eid=50220&mm_bnc&mm_bct&UUID=b7f15d81-2273-4200-be6f-034dbfae528d
https://ml314.com/csync.ashx?fp=b7f15d81-2273-4200-be6f-034dbfae528d&person_id=5978151498354675946&eid=50220

43 B
312 B

46ms
45ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=b7f15d81-2273-4200-be6f-034dbfae528d&person_id=5978151498354675946&eid=50220
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:53 GMT

Redirect headers

Date: Tue, 17 Sep 2019 18:38:53 GMT
Server: MT3 1710 796a9e3 master zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=b7f15d81-2273-4200-be6f-034dbfae528d&person_id=5978151498354675946&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 17 Sep 2019 18:38:52 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7C2D
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498354675946
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151498354675946
https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498354675946

43 B
312 B

34ms
34ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498354675946
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 18 Sep 2019 14:38:53 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:53 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=54a1289d7cc772f1b362e0b6201ea5b2&eid=50146&person_id=5978151498354675946
Cache-Control: no-cache
X-Server: 10.45.1.50
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7C2D
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=218mhpPjlMmKCGGfB9GkKysOSSQ4PIuc570xlOSQWdfM&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=218mhpPjlMmKCGGfB9GkKysOSSQ4PIuc570xlOSQWdfM&person_id=5978151498354675946&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

136ms
136ms

Image
image/gif

18.195.52.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.195.52.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-52-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 18:38:53 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Tue, 17 Sep 2019 18:38:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Wed, 18 Sep 2019 14:38:53 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 89ms
89ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5107&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=5&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:55 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:55 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 86ms
74ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530684&de=764739222998&cu=1568745530684&m=5077&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8270&le=1&lf=0&lg=1&lh=34&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&as=1&ag=5071&an=1209&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1209&kw=935&aj=1&pg=88&pf=88&ib=1&cc=1&bw=5071&bx=1209&ci=1209&jz=935&dj=1&aa=1&ad=4945&cn=1083&gk=0&gl=0&ik=0&co=1083&cp=935&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4864&cd=935&ah=4864&am=935&rf=0&re=1&ft=4945&fv=1083&fw=1083&wb=1&cl=0&at=0&d=22783699%3A1120261%3A255232887%3A121098198&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=296482020&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:55 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:55 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 86ms
74ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=935&tet=5071&fi=0&apd=5072&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=page5&os=1&fi2=0&div1=1&ait=4945&bedc=1&q=6&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:55 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:55 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 60ms
60ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5121&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=5&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:55 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:55 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 36ms
35ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530613&de=398327156354&cu=1568745530613&m=5348&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8270&le=1&lf=0&lg=1&lh=62&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5107&cd=8&ah=5107&am=8&rf=0&re=1&wb=1&cl=0&at=0&d=22783699%3A1120261%3A254773847%3A121098204&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=1522229546&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:55 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:55 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 36ms
36ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530763&de=184510489852&cu=1568745530763&m=5331&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8270&le=1&lf=0&lg=1&lh=98&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5121&cd=3&ah=5121&am=3&rf=0&re=1&wb=1&cl=0&at=0&d=22783699%3A1120261%3A254773775%3A121138465&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=735820768&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:56 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:38:56 GMT

GET
H2 200 / Show response
www.zdnet.com/homepage/xhr/ 258 KB
28 KB 186ms
186ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/homepage/xhr/

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bce545729cb1ecd38b9f1c1d0aecd4da6b5f2a73c7d2bfc39506d7e21fb12a2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 27479
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Sep 2019 18:08:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:58 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: b5398c72-3700-44c1-b942-c6195f22cff9
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Tue, 17 Sep 2019 19:38:53 GMT

GET
H2 200 ring.gif
zdnet1.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ 16 KB
9 KB 6ms
6ms Image
image/gif 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ring.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93631
status: 200
vary: Accept-Encoding
content-length: 9039
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-3f75"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:22 GMT

GET
H2 200 ZDLogoMicroRed-x2.png
zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ 2 KB
2 KB 7ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ZDLogoMicroRed-x2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93631
status: 200
vary: Accept-Encoding
content-length: 1513
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-6fa"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:22 GMT

GET
H2 200 ZDLogoMicroWhite-x2.png
zdnet2.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ 2 KB
2 KB 7ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1568650970-fly/bundles/zdnetcss/images/logos/ZDLogoMicroWhite-x2.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1805-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1805-fly/css/core/main-0c0ec5e7a8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93631
status: 200
vary: Accept-Encoding
content-length: 1398
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:22:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb6da-691"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2019 16:38:22 GMT

GET
H2 200 river-time-ago-f2210a157b-rev.js Show response
zdnet4.cbsistatic.com/fly/js/components/ 753 B
568 B 6ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/components/river-time-ago-f2210a157b-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218791
status: 200
vary: Accept-Encoding
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d7a1c4a-2f1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2019 05:52:28 GMT

GET
H2 200 tr-premium-promo-49ebdaab89-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 461 B
582 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/tr-premium-promo-49ebdaab89-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304052
status: 200
vary: Accept-Encoding
content-length: 287
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:03 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d7a1c4b-1cd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2019 06:11:26 GMT

GET
H2 200 load-more-34f6119ea4-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/load-more-34f6119ea4-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f1f493f2418d851d9c9d5a6522417b0faa8e54fc93255abe5939b309a6e1465e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325251
status: 200
vary: Accept-Encoding
content-length: 1803
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4a-12a2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2019 00:18:07 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 555ms
555ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

92adf05d7b9edde89c7884a2925875069ce0c2da2839b757b684d5a86b623f2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 733
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:59 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 0d702b8c-3c08-4903-9cc2-be81ca7f6cce
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Tue, 17 Sep 2019 18:38:59 GMT

POST
H2 200 / Show response
www.zdnet.com/m3d0s1/xhr/horizontal/ 14 KB
3 KB 564ms
564ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/m3d0s1/xhr/horizontal/

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

90a006c36c34ba47c8b86830d58323c7984e216b9ad6ff0f808721d0b86d819d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
X-Requested-With: XMLHttpRequest
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 1795
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:59 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 2c152ffb-39dc-4c51-bd7c-acd4104ab179
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Tue, 17 Sep 2019 18:38:59 GMT

GET
H2 200 / Show response
www.zdnet.com/components/tr-promo-asset/xhr/ 2 KB
2 KB 185ms
185ms XHR
application/json 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/tr-promo-asset/xhr/?topic=0

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

89c33f4c524ac98f71e2e010ecd0f9254dd60def27937af93983d99510e41992

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 630
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Sep 2019 18:28:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 17 Sep 2019 18:38:59 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 041a45bd-d176-4b7d-816b-ff5e154eb5ec
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Tue, 17 Sep 2019 19:58:47 GMT

GET
H2 200 load-more-1.0.js Show response
zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/ 8 KB
3 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/load-more-1.0.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1805-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1901
status: 200
vary: Accept-Encoding
content-length: 2472
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Sep 2019 16:25:00 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7fb75c-1f51"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Sep 2019 18:07:18 GMT

GET
H2 200 trp-promo-thumb.jpg
zdnet1.cbsistatic.com/fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/bundles/zdnetcss/images/core/trp-promo-thumb.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

41e1b82b530a565f139da63948d96402471dadea6e3e912578cc2de4426bbe41

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2289559
status: 200
vary: Accept-Encoding
content-length: 3552
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Aug 2019 17:44:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d5c3187-f53"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2019 06:39:29 GMT

GET
H2 200 json Show response
trc.taboola.com/cbsinteractive-zdnet/trc/3/ 6 KB
3 KB 301ms
301ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/trc/3/json?tim=20%3A38%3A59.704&lti=deflated&data=%7B%22id%22%3A525%2C%22ii%22%3A%22%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1568745530235%2C%22cv%22%3A%2220190911-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F%22%2C%22bv%22%3A%221%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1585%2C%22dh%22%3A12402%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22ZDNETfront_doorDesktop%2FTablet-Bottom%20Page%20Thumbnails%22%2C%22orig_uip%22%3A%22ZDNETfront_doorDesktop%2FTablet-Bottom%20Page%20Thumbnails%22%2C%22cd%22%3A11846.640625%2C%22mw%22%3A770%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: ebe554559e9a5090efc5fd68d41f2560bee894fb4415b2bdacb70705285962c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
server: nginx
x-timer: S1568745540.725854,VS0,VE263
status: 200
x-served-by: cache-hhn4021-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 26ms
25ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:38:59 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 84208
cf-ray: 517d33478d2fcbcc-VIE
status: 200
content-length: 27719
x-amz-id-2: HNEV4caKoOdziBrXGZIDp4CzG6boiBMb4TLu65nU6otYm4+p2OQwr1vWix1CX0FBodMy916W6w4=
last-modified: Mon, 16 Sep 2019 19:15:01 GMT
server: cloudflare
etag: "1545d811432c0074356408ee8f6c1e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB54A2C70C0BB866
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 17 Sep 2019 19:08:59 GMT

GET
H/1.1 200
OK 0.8856683135086507
saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/ 43 B
520 B 100ms
99ms Image
image/gif 52.0.145.219
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/0.8856683135086507?AQB=1&ce=UTF%2D8&events=event66&v0=&v2=en&v3=desktop&v4=horizontal&v5=zdnet&v10=article&v20=emotet%2C+today%27s+most+dangerous+botnet%2C+comes+back+to+life&v22=content_article&v23=&v24=2deadd63-948e-47d6-8788-a047a60ccf51&v30=4f29584f-9b66-438c-b15b-0640eecb2c31&v60=33164635,253082,33163870,328335&v64=22149&v69=&c0=D%3Dv0&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c5=D%3Dv5&c10=D%3Dv10&c20=D%3Dv20&c22=D%3Dv22&c23=D%3Dv23&c24=D%3Dv24&c30=D%3Dv30&c60=D%3Dv60&c64=D%3Dv64&c69=D%3Dv69&pe=lnk_o&pev2=medusa_impression&vid=201909172-leadgen-zdnet&mid=90240133173074011141898988208131324462&aid=2D535D450507F28B-40000106A0001145&AQE=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.145.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-145-219.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:38:59 GMT
Last-Modified: Wed, 18 Sep 2019 18:38:59 GMT
Server: Omniture DC
xserver: www469
ETag: "3368855392962248704-8570994244712518276"
Vary: *
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Sep 2019 18:38:59 GMT

GET
H/1.1 200
OK e.gif
dw.cbsi.com/levt/ria/ 43 B
369 B 458ms
149ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/levt/ria/e.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=4f29584f-9b66-438c-b15b-0640eecb2c31&assettitle=emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life&assettype=content_article&pubdate=2019-09-16%2011%3A51%3A00&viewguid=2deadd63-948e-47d6-8788-a047a60ccf51&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&s8=cnetzdnetglobalsite&v23=cnetzdnetglobalsite&v19=article&v17=113c25b6-ec91-11e3-95d2-02911863765e&v20=4f29584f-9b66-438c-b15b-0640eecb2c31&v16=2deadd63-948e-47d6-8788-a047a60ccf51&riaevent=impression&comptyp=spot&mapp=medusa_app&objtyp=medusa&eventt=log&v18=security&comp=ucwc&ts=1568745539757&tcset=utf8&im=dsjs&title=Emotet%2C%20today%27s%20most%20dangerous%20botnet%2C%20comes%20back%20to%20life%20%7C%20ZDNet&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:39:00 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=335
Content-Length: 43
Expires: Fri, 23 Jan 1970 12:12:12 GMT

POST
H2 204 available Show response
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
268 B 88ms
87ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568745540.055578,VS0,VE9
x-served-by: cache-hhn4021-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 5e0eda0d3b46ee5522f7ba6d0b6f6770.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
9 KB 62ms
61ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e0eda0d3b46ee5522f7ba6d0b6f6770.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f4d5a01a2ac800ec210c36d8ccbb07b035378456680a2a11342f75c36af75a47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 1152582
edge-cache-tag: 292832818404376679034978951149021017758,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 05 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e0eda0d3b46ee5522f7ba6d0b6f6770.jpg
content-length: 9070
x-served-by: cache-hhn4075-HHN, cache-hhn4021-HHN
last-modified: Mon, 05 Aug 2019 15:55:09 GMT
server: cloudinary
x-timer: S1568745540.062454,VS0,VE1
etag: "94fea47e9ea24bc1ca790ec6847b847d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6fd389bc57a3f801c93b2e616ed078169e90fc0875c166c044eea31874972b86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 179641
edge-cache-tag: 516714403944199811404806462690498596545,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
content-length: 27566
x-served-by: cache-hhn4037-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 15:45:31 GMT
server: cloudinary
x-timer: S1568745540.062448,VS0,VE0
etag: "93158460c3ec78d19c15d1c63e3f0b40"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3

GET
H2 200 6f35fa1d306f0322b1167492b6dab8fd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 81ms
80ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f35fa1d306f0322b1167492b6dab8fd.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f4fcb31e1fe23197bf17f1b10e6d5109e848cc46cca2af8a4c4ad96908c5fb71

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 751097
edge-cache-tag: 431282823620106189731435766510182463026,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 09 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f35fa1d306f0322b1167492b6dab8fd.jpg
content-length: 11192
x-served-by: cache-hhn4027-HHN, cache-hhn4021-HHN
last-modified: Sun, 08 Sep 2019 07:49:24 GMT
server: cloudinary
x-timer: S1568745540.062459,VS0,VE1
etag: "fa1e6bfa0c67f6ea2676882d3104a4f0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5d571ac4ffe7f33b48a9bcd9b20647658982b7901f2f268ecc075a0e5d9b27c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 736625
edge-cache-tag: 574880663819506811546297298753132946098,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 10 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
content-length: 13452
x-served-by: cache-hhn4078-HHN, cache-hhn4021-HHN
last-modified: Sat, 10 Aug 2019 21:02:47 GMT
server: cloudinary
x-timer: S1568745540.062436,VS0,VE0
etag: "6e848f3340f1fd553796de39cfb4aa3f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6fd389bc57a3f801c93b2e616ed078169e90fc0875c166c044eea31874972b86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 179641
edge-cache-tag: 516714403944199811404806462690498596545,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 30 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//assets.1010010010.com/ad_images/img/201906271700079201_birthcert.jpg
content-length: 27566
x-served-by: cache-hhn4037-HHN, cache-hhn4021-HHN
last-modified: Fri, 30 Aug 2019 15:45:31 GMT
server: cloudinary
x-timer: S1568745540.125264,VS0,VE0
etag: "93158460c3ec78d19c15d1c63e3f0b40"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5d571ac4ffe7f33b48a9bcd9b20647658982b7901f2f268ecc075a0e5d9b27c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 736625
edge-cache-tag: 574880663819506811546297298753132946098,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 10 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nch.com.au/wavepad/screenshots/demo2.jpg
content-length: 13452
x-served-by: cache-hhn4078-HHN, cache-hhn4021-HHN
last-modified: Sat, 10 Aug 2019 21:02:47 GMT
server: cloudinary
x-timer: S1568745540.132258,VS0,VE0
etag: "6e848f3340f1fd553796de39cfb4aa3f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e0eda0d3b46ee5522f7ba6d0b6f6770.jpg
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f4d5a01a2ac800ec210c36d8ccbb07b035378456680a2a11342f75c36af75a47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 1152582
edge-cache-tag: 292832818404376679034978951149021017758,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 05 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e0eda0d3b46ee5522f7ba6d0b6f6770.jpg
content-length: 9070
x-served-by: cache-hhn4075-HHN, cache-hhn4021-HHN
last-modified: Mon, 05 Aug 2019 15:55:09 GMT
server: cloudinary
x-timer: S1568745540.146491,VS0,VE0
etag: "94fea47e9ea24bc1ca790ec6847b847d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f35fa1d306f0322b1167492b6dab8fd.jpg
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f4fcb31e1fe23197bf17f1b10e6d5109e848cc46cca2af8a4c4ad96908c5fb71

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 18:39:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 751097
edge-cache-tag: 431282823620106189731435766510182463026,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 09 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f35fa1d306f0322b1167492b6dab8fd.jpg
content-length: 11192
x-served-by: cache-hhn4027-HHN, cache-hhn4021-HHN
last-modified: Sun, 08 Sep 2019 07:49:24 GMT
server: cloudinary
x-timer: S1568745540.146556,VS0,VE0
etag: "fa1e6bfa0c67f6ea2676882d3104a4f0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 43ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=10056&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773775&L4id=121138465&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530763&r=184510489852&t=page10&os=0&fi2=0&div1=0&ait=0&bedc=1&q=6&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:39:00 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:39:00 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 52ms
51ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=10189&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=254773847&L4id=121098204&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530613&r=398327156354&t=page10&os=0&fi2=0&div1=0&ait=0&bedc=1&q=6&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:39:00 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:39:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 39ms
39ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=ESSENCE_UK_EE_DCM_DISPLAY1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Femotet-todays-most-dangerous-botnet-comes-back-to-life%2F&id=1&f=0&j=&t=1568745530684&de=764739222998&cu=1568745530684&m=10159&ar=813bf25-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=12726&le=1&lf=0&lg=1&lh=34&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&as=1&ag=10154&an=5071&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1209&kw=935&aj=1&pg=88&pf=88&ib=1&cc=1&bw=10154&bx=5071&ci=1209&jz=935&dj=1&aa=1&ad=10028&cn=4945&gk=0&gl=0&ik=0&co=1083&cp=935&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9954&cd=4864&ah=9954&am=4864&rf=0&re=1&ft=5047&fv=4945&fw=1083&wb=1&cl=0&at=0&d=22783699%3A1120261%3A255232887%3A121098198&bo=zdnet.com&bd=zdnet.com&gw=essenceukeedcmdisplay403072119649&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=170265&na=752949641&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:39:00 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:39:00 GMT

GET
H/1.1 200
OK pixel.gif
essenceukeedcmdisplay403072119649.s.moatpixel.com/ 43 B
409 B 44ms
43ms Image
image/gif 23.58.219.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://essenceukeedcmdisplay403072119649.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=935&tet=10154&fi=0&apd=10155&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=22783699&L2id=1120261&L3id=255232887&L4id=121098198&S1id=zdnet.com&S2id=zdnet.com&ord=1568745530684&r=764739222998&t=page10&os=1&fi2=0&div1=1&ait=5047&bedc=1&q=7&BSD=Unsafe%20-%20Inappropriate%20Content&BSC=moat_unsafe,gv_crime,gv_download,gs_tech_computing&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-58-219-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Sep 2019 18:39:00 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 17 Sep 2019 18:39:00 GMT

GET dc_oe=ChMI-KW2wMDY5AIV17beCh1orQFnEAAYACDcn985;met=1;&timestamp=1568745540932;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BA75 0
0

GET dc_oe=ChMIpLO1wMDY5AIVk3HgCh17jANTEAAYACDWn985;met=1;&timestamp=1568745540933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CB9D 0
0

GET dc_oe=ChMI2fi5wMDY5AIVgbjeCh29SAWjEAAYACCh2uE5;met=1;&timestamp=1568745540933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5EA1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-KW2wMDY5AIV17beCh1orQFnEAAYACDcn985;met=1;&timestamp=1568745540932;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpLO1wMDY5AIVk3HgCh17jANTEAAYACDWn985;met=1;&timestamp=1568745540933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2fi5wMDY5AIVgbjeCh29SAWjEAAYACCh2uE5;met=1;&timestamp=1568745540933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 08:04:57	Name: demdex Value: 83153696841002058541225469411765512245
.zdnet.com/	1970-01-19 21:18:23	Name: AMCV_10D31225525FF5790A490D4D%40AdobeOrg Value: -894706358%7CMCMID%7C83006028943439647741249246551671844173%7CMCAAMLH-1569350328%7C6%7CMCAAMB-1568745527%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1568752728s%7CNONE%7CMCAID%7C2EC0941C052CA904-600029C1A00D5144%7CvVersion%7C2.3.0
.lightboxcdn.com/	1970-01-22 19:21:45	Name: a1583f50-579b-41d0-8c4e-1cd1790d945c Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAKwBsAHAOwAsRRATGUVWQDQgYBusAdtoW7nypi5arQZNW7Drh59hbREgA2aECDbKVagPQBDRNgCWsZQFMdZgLYB7bGewBabDYAmegJ65Ht3E.fcAOZmiDbw3pB23A6OsDZWZhF6sADWzjaOykYAZhYaIMp4hKSUNPSMzGwY2qgA2iD6hibmlrb2Ti7uXj42fo4BwaHhjpHY0U5xCUmp6Zk5eQC6AL5sEDAYiGYcaKBdQrUipeKMJBTLq1DQW2a8QsAr4JewRq5qFHRmRNl6AJxkjgQ9CRYI4qNRso49HRshRHABmEjiIh6bLZOF6PQAkpiegUMgkAggJZAA__
.zdnet.com/	1970-01-19 03:55:50	Name: RT Value: "sl=1&ss=1568745526068&tt=2658&obo=0&bcn=%2F%2F686eb704.akstat.io%2F&sh=1568745528729%3D1%3A0%3A2658&dm=zdnet.com&si=326ae63e-c434-4190-a6c6-e23eb591403d&ld=1568745528729"
.demdex.net/	1970-01-19 08:04:57	Name: dextp Value: 269-1-1568745528371\|477-1-1568745528472\|771-1-1568745528572\|22052-1-1568745528673
.zdnet.com/	1970-01-19 12:31:21	Name: utag_main Value: _sn:1$_ss:0$_st:1568747328700$ses_id:1568745527428%3Bexp-session$_pn:1%3Bexp-session$linktag:undefined%3Bexp-session
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 2deadd63-948e-47d6-8788-a047a60ccf51

70 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 757) Message: ADS: queuing nav-ad-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1216) Message: ADS: queuing intromercial-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1284) Message: ADS: queuing leader-plus-top-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js(Line 522) Message: dom not ready, setting event
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1443) Message: ADS: queuing inpage-video-top-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1453) Message: ADS: queuing sharethrough-top-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1764) Message: ADS: queuing mpu-plus-top-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1868) Message: ADS: queuing dynamic-showcase-top-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 1875) Message: ADS: queuing mpu-middle-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 2104) Message: ADS: queuing mpu-bottom-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 2122) Message: ADS: queuing leader-plus-bottom-5d8116076de44 for display
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service pending (GDPR consent not granted): script_sharethrough
console-api	log	URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js(Line 524) Message: dom ready, triggering load
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: GDPR consent granted
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent finally granted): script_sharethrough
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): _injectQueryStringGCP
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_chartbeat
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 9) Message: Missing adCookieData!
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_ad
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804(Line 177) Message: Service: sitecatalyst
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_sharebar
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_sharebar
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_taboola
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_async_load
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_urban_airship
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_disqus_count
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_disqus_count
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	(Line 61) Message: blank creative loaded: 138245072116 (5 x 5, pos=nav)
console-api	log	(Line 61) Message: blank creative loaded: 138239368367 (641 x 321, pos=top)
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	(Line 61) Message: blank creative loaded: 138239375180 (372 x 142, pos=)
console-api	log	(Line 61) Message: blank creative loaded: 138239479696 (372 x 142, pos=)
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_taboola
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_async_load
console-api	log	URL: https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f651e72.akstat.io
686eb704.akstat.io
abs.twimg.com
ad.doubleclick.net
ad.yieldmanager.com
ade.googlesyndication.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
api.viglink.com
api1.lightboxcdn.com
as-sec.casalemedia.com
b.sharethrough.com
bam.nr-data.net
beacon-eu2.rubiconproject.com
beacon.tru.am
btlr.sharethrough.com
c.evidon.com
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cbsi.demdex.net
cdn-magiclinks.trackonomics.net
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.taboola.com
cdn.viglink.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dw.cbsi.com
eecouk.demdex.net
essenceukeedcmdisplay403072119649.s.moatpixel.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
idsync.rlcdn.com
iicbsi-a.akamaihd.net
images.taboola.com
in.ml314.com
js-agent.newrelic.com
js-sec.indexww.com
l.betrad.com
lightboxapi2.azurewebsites.net
match.adsrvr.org
mb.moatads.com
ml314.com
native.sharethrough.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
pixel.everesttech.net
pixel.mathtag.com
platform-cdn.sharethrough.com
platform.twitter.com
ps.eyeota.net
px.moatads.com
rev.cbsi.com
s0.2mdn.net
saa.cbsi.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.chartbeat.com
str-assets.imgix.net
sync.crwdcntrl.net
syndication.twitter.com
tags.bluekai.com
tags.tiqcdn.com
tpc.googlesyndication.com
trc.taboola.com
tru.am
urs.zdnet.com
vidtech.cbsinteractive.com
web-sdk.urbanairship.com
widget.perfectmarket.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.lightboxcdn.com
www.summerhamster.com
www.zdnet.com
z.moatads.com
zdnet-1.disqus.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com
ade.googlesyndication.com
104.108.34.58
104.108.48.32
104.109.78.125
104.17.209.240
104.244.42.136
13.32.218.95
143.204.214.33
151.101.112.134
151.101.114.133
151.101.114.2
151.101.13.181
151.101.14.110
152.199.23.241
162.247.242.19
172.217.16.130
172.217.16.194
172.217.21.198
18.130.64.138
18.195.52.121
184.31.90.90
185.33.223.203
2.18.233.143
2.18.234.21
2.18.235.40
2.19.38.84
2.19.43.224
216.58.206.2
217.12.15.83
23.210.249.113
23.210.249.64
23.38.58.249
23.45.108.200
23.58.219.40
23.99.128.52
2600:9000:2057:4a00:1d:8c8c:47c0:93a1
2600:9000:2057:b000:18:1fcd:349:ca21
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:a222
2606:4700::6810:4ea5
2606:4700::6810:50a5
2606:4700::6810:a10d
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a02:26f0:6c00::210:ba1b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::444
2a04:4e42:1b::621
2a04:4e42:1b::720
2a04:4e42:3::444
3.120.6.212
3.223.151.89
3.9.25.189
34.247.144.106
34.254.217.168
35.168.89.158
35.175.13.58
35.190.38.167
35.190.72.21
35.227.208.151
52.0.145.219
52.208.194.131
52.210.181.210
52.215.98.88
52.29.17.61
52.30.7.139
52.31.175.110
52.49.176.73
54.86.174.228
64.30.230.22
66.117.28.68
66.117.28.86
69.173.144.141
69.173.144.153
010ec20667d89c6c6d99390a2a455a95a9db0f47002bbc8730b6f5be20b0df2e
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07178558c596bc2fe33d99750a349d5413fa4571fc778cefbe4f4f367404f6d6
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
0821a4e3c939f773991479316a8e6dbbe73959d2a1b2830ddd79567d51b94241
0b02d7a500ed96bb84b65bbcb27ee8524a12424170a0f02aa8a0e4604df3d086
0b4236cb4eb3f87c386e433be2f2b627b78c3f95364f77465ebb9e959d9e83a6
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0cc13558a456e010a247dc22826d9893e0a0a726cb75c89d59e29e73635dcda1
0d7d0ed0fee84fbf8ed8b911757cd973b649c6ddd9905df86708d6e2e88b244b
0e13cd6845611f0c419398a75b85ba014a7fffb1b9e9575c2e1b4cfefebd0017
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
0f4176807e149be9c6cc0e583699fffe630cccb37e57242ce5a7b1f7d63d859d
0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae
0fc35f6d91748c84229af65812c67a706be65c51bbea081ed92dac22828ed2b2
10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d
105f3be6891984cd7acbe730e48440d16293d4bf0ec4c5d89ffd3ae869b00047
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bdb2e244cdb7b686f139afaeb84701747cd38419ac2f5cc44d3805e9034079
1357ab9629c305fb54d1de98d95d8af60c362017220a98788cf21161b88f5312
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
14fff73cc1b6830fb97fdb96495f9a48090b7b5c98ae028fa36f41a80ea19501
155935e0a93c8ec455550b190009b63e38f69b99ba20dbdc3da5dfe1271b89b7
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ac54e160c68131d16f18f0cb0b14d1e55353258aabaca2c0c745fa60589b405
1bf7f942638a5a657d1fa10cd2e2e50f6d78cba23e60e61393191330fae38d27
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1d1eab2e9d5b36e1297db68599d3e9c3df71869a0863fb261972b93e919d7af1
1d4d518e1da495fb6d6d8b3d86bba79d7597b61b466e71c45cdb09ed79659c53
1d5ebe5969a4fb31560e7b2bd4a84cdee7a536b08fbe18782d0ad8999a15f444
1d8ee10cbd81d771ed90a9ecc88124d9ecfbcf5f5a89636e0e54f77fc4dc693c
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1e43906bce3c76dbdc47d80944eb4bca86ac920ed9264f9f3e252dbcae983f80
1f9a64e9d9b930d8235d699f805ed4768676e3e1ef5099032104186d2c5a510c
2137b85fb02da63ebddb0df947618705e590cac29d7dd5e268337e92ebf6751e
22db8f5dcc6495cdd131e21af3db2398cbab79988c2c62bd476819da7cecf127
23331b4f64e824c9ae59d496c6da0fb92d136a414aaa88202284314c01d91b54
23fd50e468e335f8d26efbc1f6454743d06fd0bb80755e8ded1b2306800e8a8a
26483e9b516dc3f54cb5c0c9da80606d9e4c30fe419bcbaf1b516f9954bc0ccf
295ba7918375b2e8dd196dd0467bbc2c67d3220fdbd3468d699ed8e0f5f4a8a8
29655aa4bb3dca26b3d6a18c3a4aadcf7a6d13718611dc8c12d86f66ebabefe5
2aad6f9d3c9047f94d7785f36c599e2b0772fb63e505dd959681e07a66306815
2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5
2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89
309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6
3115fefaa6ca69c5e4b9348eeb09b6c8d2c447a2585069a8611313de0d8cd9b3
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4
3240c7e00ccd21fbdd141f58cb238c68bb59180a35dfb79df8bbe57e0d13b0fc
32bd128f9959f9814ed0ffde4a48e3f72d552efa0619675d3c26fa8d8625d30b
33847eff64e6cb7a791652e196aede732fc9a8fc17845f7ca6ae9f3ebe8d1084
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
356cbaf73b1793d3073c3f153e9b80e6e93793f7dca9e620094ca9abccc8f401
35ba36539167cac0659019944e599d6de81634ba0673eff4ada655fe31dfa9be
35f3de772fc88b09b9f866de6d38f50d8716aecc446bb10456585f61834ae2c8
3624e97a6a4f6fb481369929e579039d00be03b0a2e5d1f5f961c44dfd98940c
382d8c82323678eaeb5f5e8e9f58b79853b99f61bcee61ac8319d18c184b00df
38ac677259acf6e4ab4f2c6ae18c0e5736e28e7c0f5bd4f3275f9cf7060a5c2c
39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655
3a3387633e45d15591d53fa26ae7681d03e5c1686837a95a9d165cbf0b1146a9
3aab52a82204425f81066eabf48b5fd22accdea914250f6e6494c3024edbe0a9
3b3ec1cd8d0742d8fe649237a5bdd012339d75738c3f62db356d8a0c59eac24a
3c4e5d9190758a17654ffba0d04c5a820ba6ed162cd10807e9ccdcb2c20662e6
3c5d25e1ef877754b0808d46f35dff155c611fbcd40c4ec03344438b8fa18ca3
3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22
3ffb21d18f190848a680784584453555ac531c52285bb4d9e24e93b71b05f616
41e1b82b530a565f139da63948d96402471dadea6e3e912578cc2de4426bbe41
443238fc6591bfd1bc56ce75064045ecd9f8619bf2d2b18d8420c4d9b5baa618
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
4527b821beb7e04c4e079373ebc7df95ebf93108ed05307b1e1e806127a61348
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171
4bb0f33f40b38593e1cba1c8b2f15703d33753bbd80f30511dd9c464a959afe7
4cbbded69e58ffd516843ca83e654d18df040daa36e54f40daf4b756f52e853b
4cee1c5841cb5b83de3d871d70b1e3e5b1e98630fa8e34b0379f0e7bb8bdee32
4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd
4dfab07dcb6940901424cceb24e6622e2c52bd6953cacab9386977b17ebf3af0
4e12f8f802c581205b51d331d2c8109bbc078201451771004bc909b68ce31bca
4f72e8df44e82a8066b16ca8ab2d59f8f9ef21fa52c07d8554972f48b5105f13
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51eab6e96e931e1db5730d06fa882b76dd127b89dcb318fb16d41511d172156f
57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425
579ae4fc4f4666d0177f25dc10379d7f147353006063a8903599976e3e6526b9
57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181
5d571ac4ffe7f33b48a9bcd9b20647658982b7901f2f268ecc075a0e5d9b27c0
5dcd44c16f3e6d379af59491b2399f26200dba8e0c2cbd53aa2f7adf64611fc8
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d
5f37ba5dbec53bc9e91c474ddeff2d69b22b7ff005208b0a04150a00449a7eaa
5f4147d470235edc4e770d186e5abddbafd1ae66fcecd03eaddc751fcbd782ff
5f889444aff25ca5d87419f5a4abb5531ff5e1824bb4c12b0b4e770686b5551e
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
64cfd2a647408273e2609b638b29d1f10370824f0169ee4db637edac660dfb66
65a559cd5d7c7a102e987ccfca22835b724c4229667f8c5e95ddefd3f2f8f50b
661582515dd231f99fdd37d11c1237a8e001ab99b898dc1430ac2f73f718098c
66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609
6fd389bc57a3f801c93b2e616ed078169e90fc0875c166c044eea31874972b86
70466750ea9e429a29f9c09d0def2c28d16a327ca8103c734f241c878113e23f
718e2dcce3a93a8b2df28c60bd36644af8d45c7c93c048c4621317027dc8add0
72b0d27cb37a1d6380662025e6d8898a27ec53c2735db7f2f2cb10688e4a00fe
735dd6528ef8dd97886865a6ff4a0387d6cebab544c6288c8ba2169b1858c392
75b2131cd274a3c76482b9cc3283624cb3f7a742543cca6ea75aa064bf7eb2c9
763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd
769737b0e36daf92a9b050ab0d94b0005182cfb19fdc3f61745c5ad7e3de4c6f
778e4d83416c5b51b10553365bdd4dc14d286e23b97a2fe096c20a9102f322ec
791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac
7aae10b3b9001b13836b916767226a56e4ff139b114675d226e4234fd78c8f15
7b3098678b479ec0d9c6716af95d4d645cf42162d65de8067d2a8068e99d2874
7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215
7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
817eef99708866afd3c46c521381bd5158c13b572ff0832d16889df14c1c1057
81b5838108409e0aaa8839b60332638338caaf6afa47a896011695df56a8faaa
82362621d84dafedb468e0a04d88dcc0730114e52b6907a2e89141e7ae379aed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8835d63170fc9a604877c9734b6b2f573b1a275901947b5c9d9ce645efd894e7
885fb8b9c3d2738bd627def3899f26d4d42641bbb868cc99d1fbc16f0ed9f4c6
8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625
89c33f4c524ac98f71e2e010ecd0f9254dd60def27937af93983d99510e41992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bbab7355d5aa551c9f5152fac15aa857d1e352242440ce6911a4e8eef321500
8cdb1d0e89659dc70d362e8b83fca57781bc9b6c831ddb1986a0f21b4a130a87
8f3c628048bb8f1f65090540cef37dedb3da8c58713b2d76710c87c9060edde0
90a006c36c34ba47c8b86830d58323c7984e216b9ad6ff0f808721d0b86d819d
9129de7e22b312f68817ca6fb8472884ba0fbed5981b2d70872113823ec27438
912ba37ae19990d75014083a4f7bb4b2c50acd914b8e673dbead20612e28817d
91419194eee0c5a46ad1a14c095cf3c2624e38b2951d52b8fc9ef5793fb1c83d
92adf05d7b9edde89c7884a2925875069ce0c2da2839b757b684d5a86b623f2d
9337d4f2ef8a00759da573e178e302712fec944ac54cfd808f48c526b9816d3b
934f6af2feba6488e54a10898cec47d5c8c1052994b6662fc0855fb782f36fa2
936dc650424e586efd0dd47b9e2073864b0f2d224ba4eeffbe185aabaf545cbf
950ce64ffdbf507d05cdde79fb4b8fb07e6d8638b6449c5ddf7230a95dc1df03
95ec4dea002be118a633dc5070c23358d10e179ad3de44f23ac97578c6971df7
9786a4e2b96b8585d2796041fc235f69ecb3b745371b2fa647effbaafac790c2
99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d6eae70cc739ecb59fc502fcdf654675c318e1bf0ec679e63d84761470ce1d2
9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a584ab11d05df18a0b578c929247a6193fadbffd51d600dfa3f4d39ab3e3ec8d
a79cf077a5bb7210d86f235480b05e6c6260fafcb7a57eb9c8cfff5ab6fe8240
a7c68e6285a6b129d697f9a220220e02e0ecd8969b8aa57e2ddeb057d3841490
a864d0a8fdb6277ffcc33ee6c1a2e955649958462c04bc407c04b4b1a961cc38
aa5ed4ff4e8496dd27def7febbed2608fb9bbad340665fb316e2680695873019
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84
adfb04b671c5cadeaf8c06da83dc6a65f257af7a3f5c33bb59ced910b6fe1f90
b105bb3b88371b52236270b355f1657b62bcebb2141a2e67fd6439bf981b1d99
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b
b2ab8784d5ca4bc5e4e1990ba55c6d9f041b8fe8cf41ad9afa37bc1c3dd12756
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b516672147ee7925112e7db3275460befd13901c7a3f9f21ba6d100929f89766
b78b4a6fa8438ce4776f2b79ff7850a444b6e6a8f572d69e085d67a7010e532b
b7abe32cf2c27fade8cb728fe70119cb419ff71af3a93634a7d2d27a3d462421
b845f2d1f90649b1f179899e2655575fe42f844a32206ae95e864c1723541acf
b879d81f28b7aa37772d874d373ccebc1c929a5b97f1ec1c02ee742a4c4df102
b8c15c61feffdfe68b168cf2ac8cf58867f38547da3b15d7971a75c44f16bc26
b8c2f45bde4f979653211dd37ee65fd030f2f02a3803108eb189c2203313f0c4
b8f859b2a0490954900d375eda51f31d6c8bcbc90bc4e6be102295514271bac9
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3
bc740c3112caddaec0203f975f014756ba0aad2b52b76029e0752193bfa2829d
bc75cfa9ea1dd6b85931d3637e76b4774ac0c77f55deef27243a7725f51df67f
bce545729cb1ecd38b9f1c1d0aecd4da6b5f2a73c7d2bfc39506d7e21fb12a2e
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
bfd599ee1f86c272e87264dd3c4212359b55961c8765ebaa00c56f66470be5e3
bff5eb66c3c0decba63e447374e2c281f9b23fc9a489230d5c0e93317a2e798f
c2ff48bcbf9eadb11a5db2905263a74dfce1f4d3067910bfa74c4284a2ee7055
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c400e833c536c14553c64e96d837575b14c4bda6bf71984b1b5587d583fd2af3
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0
c6375668f35c7d47585591a1d0542f386d8d1067e7747e7184bb540000c75177
c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a
caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc
cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562
cd97797f3232aac27d57b4b52b6a7f600a9f44d0b4907a07e481a811c87ce352
cea82d67689c1c17b9ba59f2b218bf4d7c60d660f1dfed642759c08442e0ef06
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc1593f796a187c71f707ae4ea65b43560e8cb7dd238bdd0919b1f87162403
cfe299a7ca7de71498beaad92c6acff7820a996abd382f0f11d9c4206297e330
d01d089bf68f5dabbd6416291cb9de217fe91f450dd2f76eef700a7bc64ddbd0
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7
d235e0475d0e47fa8ac7acb95ae361030406b78b6f8633538593ab77286fda7a
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d30738c153f680effc05b06103c6619f540d1554f447542d88fa3238a8af8144
d31c621bb6f98f0d2f55b5f3b72b82c8c4aaf85a6365eeb21891b1986bde9b31
d44c1c3b519cd0b390eb41352d8f3e522e4ed7eac8bc5cf475638985a9c4af16
d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c
d54f94df1233ab7224af68f63fe3df27584c4c01d70b2e65bcdc774ba05c6b41
d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153
d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e
d888280a72edc651af08047011eef087b2bc4d09580f91de2ffe09e22a52bdf0
da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016
dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff
dac5c247fcf1856ab8a1ac7049b98e5a9f042881c6be1870945bb4b5465d5ae5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc26d8c468dc588b6ccc8bba66b3a106a0d5ab062bade96087d2d0291ba601f3
dc586a3b52526c7da4aab5a7d652832306c141deae71784882d150766db361f8
dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba
dd9d61a6981817359f9429d8f5e8fa4752da39a18cda2b528e633b9174a01af0
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482ba089d973ca257acfd70b2d7541447d5d333449b106d5c3dffebe322566a
e4ab4a6bcf67f50610fb39af3ab7afb69b1daf39b641e1b046d01372287b70fd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59c8c655db8c097ed0067789aeb44ed58f25f8c68a5772bbb3f1fdc18e5e336
eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8
ebe554559e9a5090efc5fd68d41f2560bee894fb4415b2bdacb70705285962c5
ece0b69e7d61c35d2c06de83fff4ba69283fef66e7b73ee5b3fe3412d3d8936b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380
f1f493f2418d851d9c9d5a6522417b0faa8e54fc93255abe5939b309a6e1465e
f4d5a01a2ac800ec210c36d8ccbb07b035378456680a2a11342f75c36af75a47
f4fcb31e1fe23197bf17f1b10e6d5109e848cc46cca2af8a4c4ad96908c5fb71
f5b52ad70c5d645388b52d2fadaf8a5311aee9a01436866ab9b3e2c5f02e1c22
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f74a250a8ce82df1311be49975b1df72a66a6399cc8d1a1b29002e471eca000c
f9216c532e4034c6449b0fd6b3f25119cc1ac8061e4e996e2e7312a4246d9efd
f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a
f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec
f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee
fa33d1db535d783b0baf4e74bdc7ce9e54633f87a03669b2803e567088d64ccb
fb1e86a5c01f5d3640bfcb13ec8b0528c5cb205839bf3c6e59b2d16018fe118e
fe074214a9c301f8c3ba319d4bab7cba8d65164dcc2077272a9cacedf8941ae2
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

www.zdnet.com Open in urlscan Pro 23.210.249.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

438 Requests

99 %HTTPS

31 %IPv6

61 Domains

98 Subdomains

78 IPs

6 Countries

6193 kBTransfer

17219 kBSize

7 Cookies

46 Outgoing links

Redirected requests

438 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
23.210.249.64 Public Scan

Screenshot
Live screenshot

Full Image

438
Requests

99 %
HTTPS

31 %
IPv6

61
Domains

98
Subdomains

78
IPs

6
Countries

6193 kB
Transfer

17219 kB
Size

7
Cookies

438 HTTP transactions
21 data transactions