www.zdnet.com Open in urlscan Pro
23.210.249.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/#ftag=RSSbaffb68
Effective URL:
https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Submission: On July 27 via api (July 27th 2019, 1:31:04 am UTC) from US

Summary HTTP 61 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 16 domains to perform 61 HTTP transactions. The main IP is 23.210.249.64, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.zdnet.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 23rd 2019. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.210.249.64 23.210.249.64	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
40	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY - Fastly)
1	172.227.109.218 172.227.109.218	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY - Fastly)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	104.108.48.32 104.108.48.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.88.108.213 54.88.108.213	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.229.236.204 54.229.236.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE - Google LLC)
1	18.195.113.253 18.195.113.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
61	14

1 23.210.249.64 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-64.deploy.static.akamaitechnologies.com

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.227.109.218 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-109-218.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.48.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-48-32.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.108.213 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-88-108-213.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.236.204 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-236-204.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.113.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-113-253.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	cbsistatic.com zdnet4.cbsistatic.com zdnet1.cbsistatic.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com	900 KB
3	go-mpulse.net c.go-mpulse.net	57 KB
2	betrad.com l.betrad.com	240 B
1	summerhamster.com www.summerhamster.com	181 B
1	adsrvr.org match.adsrvr.org	536 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	doubleclick.net ad.doubleclick.net Failed securepubads.g.doubleclick.net Failed	491 B
1	googletagservices.com www.googletagservices.com	12 KB
1	indexww.com js-sec.indexww.com	26 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	evidon.com c.evidon.com	431 B
1	zdnet.com www.zdnet.com	99 KB
0	akstat.io Failed 5f651e70.akstat.io Failed 0211c812.akstat.io Failed
0	sharethrough.com Failed native.sharethrough.com Failed
0	tiqcdn.com Failed tags.tiqcdn.com Failed
61	16

	Domain	Requested by
19	zdnet4.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
10	zdnet2.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
6	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
5	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
3	c.go-mpulse.net	www.zdnet.com zdnet1.cbsistatic.com c.go-mpulse.net
2	l.betrad.com	www.zdnet.com
1	www.summerhamster.com
1	match.adsrvr.org	js-sec.indexww.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ad.doubleclick.net	www.zdnet.com
1	www.googletagservices.com	www.zdnet.com
1	js-sec.indexww.com	www.zdnet.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	c.evidon.com	www.zdnet.com
1	www.zdnet.com
0	0211c812.akstat.io Failed	c.go-mpulse.net
0	5f651e70.akstat.io Failed	zdnet1.cbsistatic.com
0	securepubads.g.doubleclick.net Failed	www.googletagservices.com
0	native.sharethrough.com Failed	www.zdnet.com
0	tags.tiqcdn.com Failed	zdnet2.cbsistatic.com
61	21

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
intrusiontruth.wordpress.com
docs.google.com
www.fireeye.com
www.rsaconference.com
www.novetta.com
www.recordedfuture.com
books.google.ro
www.lopinion.fr
web.br.de
www.cnet.com
cbsi.force.com
www.cbsinteractive.com
cbsi.secure.force.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
legalterms.cbsinteractive.com
narratives.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
www.cbs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-07-22`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2019-07-23` - `2019-10-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Frame ID: 18B7560D8FB4CFF3D6476171424C8749
Requests: 64 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: A50F3570D9318852D6553D4494EFA391
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

61
Requests

90 %
HTTPS

31 %
IPv6

16
Domains

21
Subdomains

14
IPs

5
Countries

1378 kB
Transfer

3867 kB
Size

1
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/10-dangerous-app-vulnerabilities-to-watch-out-for-free-pdf/?ftag=CMG-01-10aaa1b
Title: 10 dangerous app vulnerabilities to watch out for (free PDF)

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2017/05/09/apt3-is-boyusec-a-chinese-intelligence-contractor/
Title: APT3

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2018/08/15/apt10-was-managed-by-the-tianjin-bureau-of-the-chinese-ministry-of-state-security/
Title: APT10

Search URL Search Domain Scan URL

URL: https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml
Title: APT17 is a codename

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html
Title: 1

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2013/11/operation-ephemeral-hydra-ie-zero-day-linked-to-deputydog-uses-diskless-method.html
Title: 2

Search URL Search Domain Scan URL

URL: https://www.rsaconference.com/writable/presentations/file_upload/crwd-t11-hide_and_seek-how_threat_actors_respond_in_the_face_of_public_exposure.pdf
Title: 4

Search URL Search Domain Scan URL

URL: http://www.novetta.com/blog/2014/10/cyber-security-coalition1/
Title: 5

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2019/07/17/who-is-mr-guo/
Title: believed to be an officer of the Chinese Ministry of State Security

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2019/07/19/who-is-mr-wang/
Title: 1

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2019/07/22/who-is-mr-zeng/
Title: 2

Search URL Search Domain Scan URL

URL: https://intrusiontruth.wordpress.com/2019/07/24/apt17-is-run-by-the-jinan-bureau-of-the-chinese-ministry-of-state-security/
Title: APT17 is run by the Jinan bureau of the Chinese Ministry of State Security

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/chinese-mss-behind-apt3/
Title: Recorded Future independently confirmed Intrusion Truth findings

Search URL Search Domain Scan URL

URL: https://books.google.ro/books?id=SbDlBgAAQBAJ&dq=china+and+cybersecurity:+espionage&redir_esc=y#link=%7B%22role%22:%22standard%22,%22href%22:%22https://books.google.ro/books?id=SbDlBgAAQBAJ&dq=china+and+cybersecurity:+espionage&redir_esc=y%22,%22target%22:%22_blank%22,%22absolute%22:%22%22,%22linkText%22:%22by%20scholars%22%7D
Title: by scholars

Search URL Search Domain Scan URL

URL: https://www.lopinion.fr/edition/international/alimentation-comment-chine-a-rafle-pouvoir-mondial-193390
Title: L'Opinion revealed how Chinese hackers broke into the email accounts of a French candidate

Search URL Search Domain Scan URL

URL: https://web.br.de/interaktiv/winnti/english/
Title: a barrage of cyber-attacks aimed at Germany's biggest companies

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/ios-developers-still-failing-to-build-end-to-end-encryption-into-apps/?ftag=CMG-01-10aaa1b
Title: iOS developers still failing to build end-to-end encryption into apps

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/best-identity-monitoring-services/?ftag=CMG-01-10aaa1b
Title: The best identity theft monitoring services for 2019

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/Privacy-Policy?categories=CBS_Interactive%3AmPrivacy&template=template_mobilePrivacy&referer=mobileprivacy.com&data=&cfs=default
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/mThird-Party-Social-Networking-Services?template=template_mobilepp&referer=mobilepp.com&data=&cfs=default
Title: Video Services Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ZDNet/5953112932
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/ 444 KB
99 KB 173ms
151ms Document
text/html 23.210.249.64
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.64 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-249-64.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3527e8b216cde4b96d47c994d343f2d6e12d504498ed15701e2b2b86a4952e25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=5400, private
x-tx-id: 8b9dd315-42b6-4b40-b545-53f57c8eb171
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
expires: Sat, 27 Jul 2019 01:57:16 GMT
last-modified: Sat, 27 Jul 2019 00:27:16 GMT
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.zdnet.com
content-encoding: gzip
accept-ranges: bytes
content-length: 100613
date: Sat, 27 Jul 2019 01:30:31 GMT
set-cookie: fly_device=desktop; expires=Sat, 03-Aug-2019 01:30:31 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; expires=Sat, 03-Aug-2019 01:30:31 GMT; path=/; domain=.zdnet.com; secure fly_preferred_edition=eu; path=/; domain=.zdnet.com; secure fly_default_edition=eu; path=/; domain=.zdnet.com; secure
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 main-2a74cab131-rev.css
zdnet4.cbsistatic.com/fly/1746-fly/css/core/ 334 KB
61 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

91b888531566d6f1f79f103d2fecec00ef82e465ad0e2fbbef6ad8e34a986f4a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107432
status: 200
strict-transport-security: max-age=31536000
content-length: 61951
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:13 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0435-5365f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2019 19:39:58 GMT

GET
H2 200 controls-189d50da13-rev.css
zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/ 41 KB
7 KB 21ms
5ms Stylesheet
text/css 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-189d50da13-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e1624ebe8c59ab8c7906f665d395d86b600d266ab7fc5576966dbada030cfcb5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64791
status: 200
strict-transport-security: max-age=31536000
content-length: 6567
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:25 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0441-a561"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 03:54:34 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 910 B
1 KB 21ms
14ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 890459
status: 200
strict-transport-security: max-age=31536000
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Sep 2018 02:32:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:08:02 GMT

GET
H2 200 china-apt17.jpg
zdnet1.cbsistatic.com/hub/i/2019/07/24/596bdb15-1b31-405c-a074-d0a23a40d880/1324ba6f1920a2064ee8a7de4a12af7f/ 81 KB
80 KB 193ms
189ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/2019/07/24/596bdb15-1b31-405c-a074-d0a23a40d880/1324ba6f1920a2064ee8a7de4a12af7f/china-apt17.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

277eac0eb48de80d084497980cc7326f381bd87e6567dde95769236a5086ff90

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 81925
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "55c1db3215355af45d48f701bb19527f"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 regin.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/b0bcf6a6-d5b0-4788-8484-afb528f2f9a8/thumbnail/170x128/94395f77f33706b2913a6537f62020dc/ 18 KB
18 KB 13ms
11ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/b0bcf6a6-d5b0-4788-8484-afb528f2f9a8/thumbnail/170x128/94395f77f33706b2913a6537f62020dc/regin.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0821a4e3c939f773991479316a8e6dbbe73959d2a1b2830ddd79567d51b94241

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13389
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 18503
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "79b8072704504943c4a4e5900945f2a9"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flame.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/8a460c03-f622-45ad-834a-9ca3408f47bf/thumbnail/170x128/ee9fa64f648b0d75e327f56454a1c2c3/ 23 KB
23 KB 13ms
12ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/8a460c03-f622-45ad-834a-9ca3408f47bf/thumbnail/170x128/ee9fa64f648b0d75e327f56454a1c2c3/flame.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

936dc650424e586efd0dd47b9e2073864b0f2d224ba4eeffbe185aabaf545cbf

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19757
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 23476
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "befa130dcb31961fa251d61e1e6ba0e1"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 stuxnet.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/08/7d9b8688-ae13-49b5-b5e4-525f2ac5ff26/thumbnail/170x128/f3d4e34bb87d561217090fdb4f6d469c/ 27 KB
27 KB 13ms
12ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/08/7d9b8688-ae13-49b5-b5e4-525f2ac5ff26/thumbnail/170x128/f3d4e34bb87d561217090fdb4f6d469c/stuxnet.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

29655aa4bb3dca26b3d6a18c3a4aadcf7a6d13718611dc8c12d86f66ebabefe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36855
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 27363
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1fdd72b9fc6717195f76ea7c0783fa25"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shamoon.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/425ad5e4-30d3-477f-8da5-e3c47a159d00/thumbnail/170x128/2bc57b7723807c22d95a5ecf4a50af7e/ 24 KB
24 KB 14ms
13ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/425ad5e4-30d3-477f-8da5-e3c47a159d00/thumbnail/170x128/2bc57b7723807c22d95a5ecf4a50af7e/shamoon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

12bdb2e244cdb7b686f139afaeb84701747cd38419ac2f5cc44d3805e9034079

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10406
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 24615
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e1f70e23dce0d941aa028f900244a094"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 triton.png
zdnet4.cbsistatic.com/hub/i/r/2019/07/08/4e8bc7d3-5907-4c46-b75f-537bb529426e/thumbnail/170x128/2bc866b4f19fe9a7d2bdd1586769b5ac/ 24 KB
24 KB 114ms
113ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/08/4e8bc7d3-5907-4c46-b75f-537bb529426e/thumbnail/170x128/2bc866b4f19fe9a7d2bdd1586769b5ac/triton.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

443238fc6591bfd1bc56ce75064045ecd9f8619bf2d2b18d8420c4d9b5baa618

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8237
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 24011
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "8f51d048845867380207217d2b5c3156"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-949457754.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/07/12/04e5f598-aa44-4305-9b33-7d37c9556768/thumbnail/170x128/a2405483c8105edcf1f04c2d12f508a4/ 8 KB
7 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/12/04e5f598-aa44-4305-9b33-7d37c9556768/thumbnail/170x128/a2405483c8105edcf1f04c2d12f508a4/istock-949457754.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

06225010455f67432ed8ce3267b9f677d5f780146aff2b49064ad239317ab32a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29801
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 7537
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "518fc66deea9d064d0a92eb73e4ea61b"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 170516-marcus-hutchins-053757c5d7b478ad58c9943067fc7e5247ce-nbcnews-ux-2880-1000.jpg
zdnet4.cbsistatic.com/hub/i/r/2017/08/03/85303ee6-ae3c-49ce-90b2-4cd08ff13d8d/thumbnail/170x128/afdeb3b5eebba7ec38dc0bf59b310425/ 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2017/08/03/85303ee6-ae3c-49ce-90b2-4cd08ff13d8d/thumbnail/170x128/afdeb3b5eebba7ec38dc0bf59b310425/170516-marcus-hutchins-053757c5d7b478ad58c9943067fc7e5247ce-nbcnews-ux-2880-1000.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9a9e3439c5f6650442d56ac3c56d490f9e6dcd264636daf908beaf3524e49840

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26935
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 5288
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "bd380c81db012b113b6ab112b847e52b"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 telegram.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/07/26/4ab54c3f-1662-4dd2-a87a-3533a9a3d0c5/thumbnail/170x128/908b7239cf8fa2d8d0a0ddb25dc425f8/ 7 KB
7 KB 7ms
7ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/26/4ab54c3f-1662-4dd2-a87a-3533a9a3d0c5/thumbnail/170x128/908b7239cf8fa2d8d0a0ddb25dc425f8/telegram.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

56faf93ba746423ffee64ee0c1148c48f20d47c137baabf95ebfa7aeb1fb96d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16362
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 6919
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a0ae15571eb4a97ac1c34a114f1bb179"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-computer-virus-malware.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/07/26/e4c67d2d-f4dd-4e7d-b098-e42c924fb1ab/thumbnail/170x128/9561308fab77db46248044893df04c12/ 14 KB
14 KB 10ms
9ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/07/26/e4c67d2d-f4dd-4e7d-b098-e42c924fb1ab/thumbnail/170x128/9561308fab77db46248044893df04c12/istock-computer-virus-malware.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1a346922257f2fd03c10f6981915e444e12a0c53a8027a488a15480c14d65910

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23395
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 13792
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "37b1fe960daba91fffadbdb5a3a9db15"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 usflagsecurityistock-1053176334.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/04/30/3c70e2ab-f350-48f4-8127-d0d9da285de7/thumbnail/170x128/ae699de44a60258b96088342bd5c97eb/ 13 KB
13 KB 14ms
13ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/04/30/3c70e2ab-f350-48f4-8127-d0d9da285de7/thumbnail/170x128/ae699de44a60258b96088342bd5c97eb/usflagsecurityistock-1053176334.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7965c5a768f84ff792fa0311e8507bd92a7c870e163965d9e4ed5bdb6ff20489

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19988
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 13250
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a5dcd040486a679c3f649e721d8351dc"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-07-26-at-08-10-17.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/26/b19cc2dc-2b02-4304-906a-068100a69c80/thumbnail/170x128/1f5e3976ede121eb165526c04453db08/ 40 KB
40 KB 14ms
13ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/26/b19cc2dc-2b02-4304-906a-068100a69c80/thumbnail/170x128/1f5e3976ede121eb165526c04453db08/screenshot-2019-07-26-at-08-10-17.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0243b631843e50b885abad747d88f51b04d9b8cc6ed844a4c3d09fb3c59b8739

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18666
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 40946
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "7858bb7c17ce4b255a85be2df807b176"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 national-australia-bank-nab.png
zdnet1.cbsistatic.com/hub/i/r/2018/05/09/22d3b875-a076-4e28-970a-64fd84a4431f/thumbnail/170x128/11eb0c71833952841427ce0a1047c1c6/ 58 KB
59 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2018/05/09/22d3b875-a076-4e28-970a-64fd84a4431f/thumbnail/170x128/11eb0c71833952841427ce0a1047c1c6/national-australia-bank-nab.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d4602b3f38a32b354d71f9a1f042b7dafd4447bb8425da08ea0f670a8607ecb9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40267
status: 200
strict-transport-security: max-age=31536000
content-length: 59628
x-xss-protection: 1; mode=block
last-modified: Wed, 09 May 2018 06:35:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jul 2020 13:57:20 GMT

GET
H2 200 istock-913641990.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/06/17/87d9eb6e-f1da-42eb-9022-9a35da89638c/thumbnail/170x128/ede74771edef2aaadfcef907dd99e54e/ 9 KB
9 KB 8ms
5ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/06/17/87d9eb6e-f1da-42eb-9022-9a35da89638c/thumbnail/170x128/ede74771edef2aaadfcef907dd99e54e/istock-913641990.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

55611f585cc51ac7481677a90f409d027b3e0f90f3a8125de87be3b1a2a0b512

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27057
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 9039
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "251e16a2aac0ca4847adf561483381bf"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nomoreransom.png
zdnet2.cbsistatic.com/hub/i/r/2019/07/25/e01d71cd-cf67-4f7e-a32c-f1779ba74ec9/thumbnail/170x128/e7e1c49e9b64c5e489278216ab2b3c1e/ 8 KB
7 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/07/25/e01d71cd-cf67-4f7e-a32c-f1779ba74ec9/thumbnail/170x128/e7e1c49e9b64c5e489278216ab2b3c1e/nomoreransom.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ce19d0b8e6993a72db868ed5997bbe154fd3eaada9fd98c148144aacb57e756d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18664
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 7435
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b943325cc7b7422d2871b345bf9b067f"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/1746-fly/js/libs/ 16 KB
6 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38977
status: 200
strict-transport-security: max-age=31536000
content-length: 6305
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:10 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0432-3f09"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 14:19:24 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 69 KB
14 KB 8ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37114
status: 200
strict-transport-security: max-age=31536000
content-length: 13960
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:31:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0399-1134e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 15:11:56 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 260 B
431 B 4073ms
14ms Script
application/x-javascript 172.227.109.218
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.109.218 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-109-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 22:23:16 GMT
server: Apache
access-control-allow-origin
etag: "c1e367d098d326049811561575dbda4a:1527718996"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
status: 200
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 165

GET
H2 200 snthemes.js Show response
zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 94 KB
8 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/snthemes.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155475
status: 200
strict-transport-security: max-age=31536000
content-length: 7763
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:13:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d371612-177f3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2019 06:19:16 GMT

GET
H2 200 settings.js Show response
zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 33 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/settings.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285803
status: 200
strict-transport-security: max-age=31536000
content-length: 1669
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:13:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d371612-828e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2019 18:07:09 GMT

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet2.cbsistatic.com/fly/1564083097-fly/bundles/zdnetcss/images/core/ 1 KB
1 KB 7ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1564083097-fly/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40267
status: 200
strict-transport-security: max-age=31536000
content-length: 936
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:31:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0399-4f1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 10:22:36 GMT

GET
H2 200 Raleway-Bold.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 51 KB
51 KB 18ms
5ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Bold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 301101
status: 200
strict-transport-security: max-age=31536000
content-length: 52212
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 09:13:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d36cfc5-cbf4"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jul 2020 12:03:46 GMT

GET
H2 200 Raleway-Regular.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 29ms
17ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 344791
status: 200
strict-transport-security: max-age=31536000
content-length: 51572
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jul 2019 16:01:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d35dde5-c974"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jul 2020 01:11:57 GMT

GET
H2 200 Raleway-ExtraLight.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 29ms
17ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-ExtraLight.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c2c432e808e795014171d087ba8abd58d8337f59ad387c08d8a6c6b3c32106fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 890617
status: 200
strict-transport-security: max-age=31536000
content-length: 50740
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-c634"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:52 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Raleway-Light.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 9ms
9ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Light.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 344791
status: 200
strict-transport-security: max-age=31536000
content-length: 51608
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jul 2019 16:01:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d35dde5-c998"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jul 2020 01:11:57 GMT

GET
H2 200 Raleway-Black.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 11ms
11ms Font
application/octet-stream 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Black.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

927048ad11de8981ab14882b0cac610a1c194aa991d07247cdbf875032dec422

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
x-content-type-options: nosniff
age: 890618
status: 200
strict-transport-security: max-age=31536000
content-length: 51436
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-c8ec"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 en.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/ 311 KB
14 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/en.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37113
status: 200
strict-transport-security: max-age=31536000
content-length: 14353
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:08 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0430-4ddff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 15:11:57 GMT

GET
H2 200 logo.png
zdnet3.cbsistatic.com/fly/1564083097-fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
5ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1564083097-fly/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/1746-fly/css/core/main-2a74cab131-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107433
status: 200
strict-transport-security: max-age=31536000
content-length: 4128
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:31:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0399-1009"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2019 19:39:59 GMT

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/1746-fly/js/ 174 KB
59 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/1746-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d76c5aabfe1f62d390c281312c77f39a8d1f96409e1d3b19fb9b3752d350b2b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107431
status: 200
strict-transport-security: max-age=31536000
content-length: 60718
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0434-2b716"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2019 19:40:00 GMT

GET
H2 200 scrolling-mpu-17c739e5e7-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
871 B 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/scrolling-mpu-17c739e5e7-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

308a64084fd0c823eb8f8b1000feaf70b9cbc45f18fbbcecde55860b089e15c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191447
status: 200
strict-transport-security: max-age=31536000
content-length: 575
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:16:53 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3716d5-4f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2019 20:19:45 GMT

GET
H2 200 require.optional-dependency.js Show response
zdnet4.cbsistatic.com/fly/js/libs/ 582 B
455 B 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/libs/require.optional-dependency.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f27c0c9f284c6959dd7db1e768c6e43a518ea650afc69d7a60383f3a963cde7b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285818
status: 200
strict-transport-security: max-age=31536000
content-length: 307
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:16:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d3716db-246"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2019 18:06:53 GMT

GET
H2 200 article-a50a9d50c0-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 177 KB
50 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-a50a9d50c0-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

60b036846cb7bd1bf8abc4a1b742e1f1b60cd3be0385fc812f8dd62a836a156d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285815
status: 200
strict-transport-security: max-age=31536000
content-length: 50814
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:17:02 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3716de-2c298"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2019 18:06:55 GMT

GET
H2 200 waypoints-73f7c94c96-rev.js Show response
zdnet1.cbsistatic.com/fly/js/managers/ 293 B
316 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/managers/waypoints-73f7c94c96-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1916ac88ca53ca6fa357cd4eb661206e3c933c24385cc503aade6937ac631f39

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87200
status: 200
strict-transport-security: max-age=31536000
content-length: 210
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d3a0434-125"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2019 23:41:02 GMT

GET
H2 200 jquery.waypoints.js Show response
zdnet4.cbsistatic.com/fly/js/libs/jquery/ 9 KB
3 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/libs/jquery/jquery.waypoints.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0db1739b6bec8463f52771aaccbd974dde17f5db7c9fe4bb0a8f2c00564d603d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285817
status: 200
strict-transport-security: max-age=31536000
content-length: 2735
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:16:58 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3716da-2267"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2019 18:06:54 GMT

GET
H2 200 waypoints.sticky.js Show response
zdnet4.cbsistatic.com/fly/js/libs/jquery/ 1 KB
661 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/libs/jquery/waypoints.sticky.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

deee21acc86b40fe0cb13584d9b68a15a21f471fcd0523822aa1f5b58b603604

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285817
status: 200
strict-transport-security: max-age=31536000
content-length: 604
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 14:16:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3716db-4e1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2019 18:06:55 GMT

GET utag.js
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 0
0

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 11878ms
7ms Script
application/javascript 151.101.14.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:43 GMT
content-encoding: gzip
age: 2305357
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: HI7eP0ybPre1cTmlQcYGJ/k2EzqEgV7hunk3Vv0R8ue+U3w4cjn4FJXT8m6Bwn1WvoL8y2rH7Nw=
x-served-by: cache-dca17753-DCA, cache-fra19153-FRA
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1564191044.810220,VS0,VE0
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: FC777B60584FA451
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 9

GET
H2 200 vendorlist.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 113 KB
51 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/vendorlist.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37117
status: 200
strict-transport-security: max-age=31536000
content-length: 52305
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:08 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0430-1c3b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 15:11:57 GMT

GET
H/1.1 200
OK ls-zdnet.js Show response
js-sec.indexww.com/ht/ 85 KB
26 KB 1659ms
614ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Sat, 27 Jul 2019 01:30:37 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Jul 2019 01:30:06 GMT
Server: Apache
ETag: "9034ef-15269-58e9f99483149"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3582
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26184
Expires: Sat, 27 Jul 2019 02:30:19 GMT

GET
H2 200 YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame A50F 187 KB
55 KB 17ms
15ms Script
application/javascript 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
cache-control: max-age=604800, s-maxage=604800
timing-allow-origin: *
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 37 KB
12 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f0cf3618bc701038fbf1d26c6832a9fb0674f9e18935ffe36f70245bdface3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "233 / 224 of 1000 / last-modified: 1564188449"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12521
x-xss-protection: 0
expires: Sat, 27 Jul 2019 01:30:35 GMT

GET sfp.js
native.sharethrough.com/assets/ 0
0

GET
H2 200 evidon-banner.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 8 KB
3 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/evidon-banner.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37116
status: 200
strict-transport-security: max-age=31536000
content-length: 2440
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a042d-1faf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 15:11:58 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/1/2/2/ 0
120 B 10573ms
104ms Image
text/plain 54.88.108.213
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/1/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.108.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-88-108-213.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 204
date: Sat, 27 Jul 2019 01:30:46 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET ;ord=1564191035894
ad.doubleclick.net/ddm/ad/lmxojafptq/kwoebxbvszj/ufppef/ux/ 0
0

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/4/2/2/ 0
120 B 10554ms
106ms Image
text/plain 54.88.108.213
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/4/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.108.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-88-108-213.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 204
date: Sat, 27 Jul 2019 01:30:46 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 12 KB
5 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1746-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40270
status: 200
strict-transport-security: max-age=31536000
content-length: 4877
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2019 19:34:10 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d3a0432-2fdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2019 14:04:03 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 39ms
39ms XHR
application/json 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1564191035916&s=85031c1a8c0f4eade51df92565bf30226eb8fdb40c046d76ab4542370925105a
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c30a9419f281c61c5afa9e1e10bac481f5fc77b5fdfb0a95702646359919079

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Origin: https://www.zdnet.com

Response headers

Date: Sat, 27 Jul 2019 01:30:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 803

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame A50F 2 KB
1 KB 64ms
27ms XHR
application/json 104.108.48.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5213970&v=1.571.0&if=&sl=0&si=34ytg3bmh1n-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-48-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 07fe01054523118da687b2c4e5a17325a8d14fec3caedceacff4d1f168256a90

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Origin: https://www.zdnet.com

Response headers

Date: Sat, 27 Jul 2019 01:30:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 695

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 27 Jul 2019 01:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET pubads_impl_2019072601.js
securepubads.g.doubleclick.net/gpt/ 0
0

GET /
5f651e70.akstat.io/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
536 B 9769ms
55ms XHR
application/json 54.229.236.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184216
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.236.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-236-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6f7cad449f05926f0801e2e3e25ebc107c8c4fbf8f3479321fdbc221b60603e7

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 27 Jul 2019 01:30:47 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 26 Aug 2019 01:30:47 GMT

POST /
0211c812.akstat.io/ 0
0

GET
H2 200 ;ord=1564191048219
ad.doubleclick.net/ddm/ad/keajyaahi/fnaqouoad/viiqr/ 43 B
491 B 28ms
15ms Image
image/gif 172.217.18.102
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/keajyaahi/fnaqouoad/viiqr/;ord=1564191048219?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2019 01:30:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
181 B 272ms
7ms Image
image/gif 18.195.113.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1564191048249&y=2.0.1105&elg=164195396&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fdsw-gralqj-jurxs-hasrvh-dsw17-dv-mlqdq-exuhdx-ri-fklqdv-vhfxulwb-plqlvwub%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fnhdmbddkl%2Fiqdtrxrdg%2Fylltu%2F%3Brug%3D1564191048219%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Aquiv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.113.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-113-253.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Sat, 27 Jul 2019 01:30:48 GMT
server: Jetty(9.2.10.v20150310)
access-control-allow-origin: *
content-length: 43
access-control-allow-methods: *
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js

Domain: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/ad/lmxojafptq/kwoebxbvszj/ufppef/ux/;ord=1564191035894?

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Domain: 5f651e70.akstat.io
URL: https://5f651e70.akstat.io/?h.pg=article&when=1564191035918&t_other=custom4%7C180&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=2fb687097cd2ac919d998f7968b81bcaeb5b5106&h.t=1564191035935&http.initiator=api&rt.start=api&rt.si=cfca5ba3-9daf-4d00-866c-f57308c7ec01&rt.ss=1564191040321&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Domain: 0211c812.akstat.io
URL: https://0211c812.akstat.io/

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zdnet.com/	1970-01-19 02:39:55	Name: RT Value: "sl=1&ss=1564191031510&tt=16224&obo=0&bcn=%2F%2F0211c812.akstat.io%2F&sh=1564191047744%3D1%3A0%3A16224&dm=zdnet.com&si=c4f35014-3dc9-4d76-9434-f01b3201835f&ld=1564191047747"

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 724) Message: ADS: queuing nav-ad-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1194) Message: ADS: queuing intromercial-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1261) Message: ADS: queuing leader-plus-top-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1368) Message: ADS: queuing inpage-video-top-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1378) Message: ADS: queuing sharethrough-top-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1618) Message: ADS: queuing mpu-plus-top-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1728) Message: ADS: queuing dynamic-showcase-top-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1735) Message: ADS: queuing mpu-middle-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1959) Message: ADS: queuing mpu-bottom-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 1976) Message: ADS: queuing leader-plus-bottom-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_sharethrough
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service pending (GDPR consent not granted): _injectQueryStringGCP
console-api	log	(Line 2) Message: ADS: queuing mpu-bottom-5d3b9a6388304 for display
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: GDPR consent granted
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_sharethrough
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/(Line 83) Message: Service loading (GDPR consent finally granted): _injectQueryStringGCP
console-api	error	URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E(Line 16) Message: Failed to load RequireJS module: optional!//tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js_unnormalized3; the Optional plugin is handling the following exception:
console-api	log	URL: https://zdnet4.cbsistatic.com/fly/js/libs/require.optional-dependency.js(Line 1) Message: The RequireJS Optional plugin is returning the following default response for the module: optional!//tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js_unnormalized3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0211c812.akstat.io
5f651e70.akstat.io
ad.doubleclick.net
adservice.google.com
adservice.google.de
c.evidon.com
c.go-mpulse.net
js-sec.indexww.com
l.betrad.com
match.adsrvr.org
native.sharethrough.com
securepubads.g.doubleclick.net
tags.tiqcdn.com
vidtech.cbsinteractive.com
www.googletagservices.com
www.summerhamster.com
www.zdnet.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
0211c812.akstat.io
5f651e70.akstat.io
ad.doubleclick.net
native.sharethrough.com
securepubads.g.doubleclick.net
tags.tiqcdn.com
104.108.48.32
151.101.14.133
172.217.18.102
172.227.109.218
18.195.113.253
2.18.234.21
23.210.249.64
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2002
2a04:4e42:1b::444
54.229.236.204
54.88.108.213
0243b631843e50b885abad747d88f51b04d9b8cc6ed844a4c3d09fb3c59b8739
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06225010455f67432ed8ce3267b9f677d5f780146aff2b49064ad239317ab32a
07fe01054523118da687b2c4e5a17325a8d14fec3caedceacff4d1f168256a90
0821a4e3c939f773991479316a8e6dbbe73959d2a1b2830ddd79567d51b94241
0db1739b6bec8463f52771aaccbd974dde17f5db7c9fe4bb0a8f2c00564d603d
12bdb2e244cdb7b686f139afaeb84701747cd38419ac2f5cc44d3805e9034079
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1916ac88ca53ca6fa357cd4eb661206e3c933c24385cc503aade6937ac631f39
1a346922257f2fd03c10f6981915e444e12a0c53a8027a488a15480c14d65910
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
277eac0eb48de80d084497980cc7326f381bd87e6567dde95769236a5086ff90
29655aa4bb3dca26b3d6a18c3a4aadcf7a6d13718611dc8c12d86f66ebabefe5
308a64084fd0c823eb8f8b1000feaf70b9cbc45f18fbbcecde55860b089e15c4
3527e8b216cde4b96d47c994d343f2d6e12d504498ed15701e2b2b86a4952e25
39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655
443238fc6591bfd1bc56ce75064045ecd9f8619bf2d2b18d8420c4d9b5baa618
55611f585cc51ac7481677a90f409d027b3e0f90f3a8125de87be3b1a2a0b512
56faf93ba746423ffee64ee0c1148c48f20d47c137baabf95ebfa7aeb1fb96d7
57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181
60b036846cb7bd1bf8abc4a1b742e1f1b60cd3be0385fc812f8dd62a836a156d
66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609
6f7cad449f05926f0801e2e3e25ebc107c8c4fbf8f3479321fdbc221b60603e7
763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd
7965c5a768f84ff792fa0311e8507bd92a7c870e163965d9e4ed5bdb6ff20489
7c30a9419f281c61c5afa9e1e10bac481f5fc77b5fdfb0a95702646359919079
8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625
91b888531566d6f1f79f103d2fecec00ef82e465ad0e2fbbef6ad8e34a986f4a
927048ad11de8981ab14882b0cac610a1c194aa991d07247cdbf875032dec422
936dc650424e586efd0dd47b9e2073864b0f2d224ba4eeffbe185aabaf545cbf
9a9e3439c5f6650442d56ac3c56d490f9e6dcd264636daf908beaf3524e49840
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f0cf3618bc701038fbf1d26c6832a9fb0674f9e18935ffe36f70245bdface3
ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3
c2c432e808e795014171d087ba8abd58d8337f59ad387c08d8a6c6b3c32106fb
c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a
caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc
ce19d0b8e6993a72db868ed5997bbe154fd3eaada9fd98c148144aacb57e756d
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d4602b3f38a32b354d71f9a1f042b7dafd4447bb8425da08ea0f670a8607ecb9
d76c5aabfe1f62d390c281312c77f39a8d1f96409e1d3b19fb9b3752d350b2b2
deee21acc86b40fe0cb13584d9b68a15a21f471fcd0523822aa1f5b58b603604
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e1624ebe8c59ab8c7906f665d395d86b600d266ab7fc5576966dbada030cfcb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8
f27c0c9f284c6959dd7db1e768c6e43a518ea650afc69d7a60383f3a963cde7b
f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 23.210.249.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

61 Requests

90 %HTTPS

31 %IPv6

16 Domains

21 Subdomains

14 IPs

5 Countries

1378 kBTransfer

3867 kBSize

1 Cookies

43 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
23.210.249.64 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

90 %
HTTPS

31 %
IPv6

16
Domains

21
Subdomains

14
IPs

5
Countries

1378 kB
Transfer

3867 kB
Size

1
Cookies

61 HTTP transactions
5 data transactions