www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Submission: On April 29 via api (April 29th 2020, 2:25:46 pm UTC) from US

Summary HTTP 323 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 57 IPs in 6 countries across 38 domains to perform 323 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.20.60.209 104.20.60.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
33	104.26.13.6 104.26.13.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE)
5 7	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 12	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
2	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.71.236.117 212.71.236.117	63949 (LINODE-AP...) (LINODE-AP Linode)
4	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:9800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.190.76.239 35.190.76.239	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:d000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
7	3.132.109.30 3.132.109.30	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:fe00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.95 143.204.202.95	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	13.35.253.52 13.35.253.52	16509 (AMAZON-02) (AMAZON-02)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
4	35.157.31.10 35.157.31.10	16509 (AMAZON-02) (AMAZON-02)
14	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
9	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	52.59.41.102 52.59.41.102	16509 (AMAZON-02) (AMAZON-02)
4	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
5	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
3	52.50.72.216 52.50.72.216	16509 (AMAZON-02) (AMAZON-02)
3	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
25	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	143.204.212.226 143.204.212.226	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
3	34.243.121.135 34.243.121.135	16509 (AMAZON-02) (AMAZON-02)
3	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
3	34.251.232.240 34.251.232.240	16509 (AMAZON-02) (AMAZON-02)
3	52.17.64.209 52.17.64.209	16509 (AMAZON-02) (AMAZON-02)
1	99.80.176.210 99.80.176.210	16509 (AMAZON-02) (AMAZON-02)
2 6	52.29.181.218 52.29.181.218	16509 (AMAZON-02) (AMAZON-02)
4	72.247.225.17 72.247.225.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
4	72.247.225.32 72.247.225.32	16625 (AKAMAI-AS) (AKAMAI-AS)
323	57

2 104.20.60.209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 104.26.13.6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.14.217 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.117 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-117.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.64.11 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

dapperdiscussion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.76.239 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 239.76.190.35.bc.googleusercontent.com

admiral.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:d000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:81b (United States)

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.132.109.30 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-109-30.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:fe00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-95.fra53.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-52.fra6.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.31.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-31-10.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.172.36 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.59.41.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.72.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.212.226 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-212-226.fra53.r.cloudfront.net

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.243.121.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-121-135.eu-west-1.compute.amazonaws.com

stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.232.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-232-240.eu-west-1.compute.amazonaws.com

bc-rtb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.64.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-64-209.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.176.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-176-210.eu-west-1.compute.amazonaws.com

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.29.181.218 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-181-218.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.225.17 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.225.32 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	686 KB
33	bleepstatic.com www.bleepstatic.com	421 KB
25	ampproject.org cdn.ampproject.org	645 KB
21	connatix.com 1 redirects cd.connatix.com cds.connatix.com ck.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	770 KB
18	adnxs.com ib.adnxs.com acdn.adnxs.com	16 KB
18	doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net	117 KB
16	sharethrough.com btlr.sharethrough.com	2 KB
12	springserve.com vid.springserve.com vpaid.springserve.com bc-rtb-dub.springserve.com vid-io-dub.springserve.com	310 KB
11	unrulymedia.com video.unrulymedia.com stats3.unrulymedia.com targeting.unrulymedia.com	117 KB
11	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	518 B
10	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	3 KB
10	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	19 KB
10	pub.network a.pub.network d.pub.network c.pub.network	212 KB
9	openx.net 1 redirects freestar-d.openx.net eu-u.openx.net	2 KB
9	districtm.io dmx.districtm.io cdn.districtm.io	807 B
9	google.com 5 redirects www.google.com cse.google.com adservice.google.com	2 KB
8	consensu.org quantcast.mgr.consensu.org admiral.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org api.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	188 KB
8	gstatic.com fonts.gstatic.com	87 KB
6	amazon-adsystem.com c.amazon-adsystem.com	31 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
4	casalemedia.com as-sec.casalemedia.com	4 KB
4	dapperdiscussion.com dapperdiscussion.com	42 KB
3	emxdgt.com hb.emxdgt.com	948 B
3	vidible.tv cdn-ssl.vidible.tv	24 KB
3	googletagservices.com www.googletagservices.com	70 KB
3	addthis.com s9.addthis.com s7.addthis.com	189 KB
2	reddit.com www.reddit.com	926 B
2	facebook.com graph.facebook.com	971 B
2	upapi.net mrb.upapi.net	223 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	bleepingcomputer.com www.bleepingcomputer.com	23 KB
1	addthisedge.com v1.addthisedge.com	877 B
1	moatads.com z.moatads.com	1 KB
1	videoplayerhub.com freestar-io.videoplayerhub.com	25 KB
1	google.de adservice.google.de	171 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
0	dotomi.com Failed web.hb.ad.cpe.dotomi.com Failed
323	38

	Domain	Requested by
33	www.bleepstatic.com	www.bleepingcomputer.com pagead2.googlesyndication.com dapperdiscussion.com
32	tpc.googlesyndication.com	dapperdiscussion.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bleepingcomputer.com cdn.ampproject.org
25	cdn.ampproject.org	securepubads.g.doubleclick.net
16	btlr.sharethrough.com	a.pub.network
14	ib.adnxs.com	a.pub.network vpaid.springserve.com
10	img.connatix.com	www.bleepingcomputer.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
9	fastlane.rubiconproject.com	a.pub.network
8	fonts.gstatic.com	www.bleepingcomputer.com a.pub.network www.googletagservices.com
7	video.unrulymedia.com	securepubads.g.doubleclick.net video.unrulymedia.com ajax.googleapis.com
7	hbopenbid.pubmatic.com	a.pub.network vpaid.springserve.com
7	capi.connatix.com	cds.connatix.com
7	www.google.com	5 redirects www.bleepingcomputer.com
6	eb2.3lift.com	2 redirects a.pub.network
6	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
5	eu-u.openx.net	1 redirects a.pub.network
5	c.pub.network	a.pub.network
5	dmx.districtm.io	a.pub.network
5	fonts.googleapis.com	www.bleepingcomputer.com securepubads.g.doubleclick.net
4	ads.pubmatic.com	a.pub.network
4	acdn.adnxs.com	a.pub.network
4	cdn.districtm.io	a.pub.network
4	freestar-d.openx.net	a.pub.network
4	as-sec.casalemedia.com	a.pub.network
4	tlx.3lift.com	a.pub.network
4	dapperdiscussion.com	www.bleepingcomputer.com dapperdiscussion.com
3	vid-io-dub.springserve.com	vpaid.springserve.com
3	bc-rtb-dub.springserve.com	vpaid.springserve.com
3	hb.emxdgt.com	vpaid.springserve.com
3	stats3.unrulymedia.com	www.bleepingcomputer.com
3	cdn-ssl.vidible.tv	vpaid.springserve.com
3	vpaid.springserve.com	cds.connatix.com
3	vid.springserve.com	cds.connatix.com
3	www.googletagservices.com	a.pub.network pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	d.pub.network	a.pub.network
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	vendorlist.consensu.org	dapperdiscussion.com quantcast.mgr.consensu.org
2	s7.addthis.com	s9.addthis.com
2	mrb.upapi.net	freestar-io.videoplayerhub.com mrb.upapi.net
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	ad.doubleclick.net	www.bleepingcomputer.com dapperdiscussion.com
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	a.pub.network	www.bleepingcomputer.com a.pub.network
2	www.bleepingcomputer.com	dapperdiscussion.com
1	eus.rubiconproject.com	a.pub.network
1	targeting.unrulymedia.com	video.unrulymedia.com
1	ajax.googleapis.com	video.unrulymedia.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	vid.connatix.com	cds.connatix.com
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	ck.connatix.com	cds.connatix.com
1	admiral.mgr.consensu.org	dapperdiscussion.com
1	v1.addthisedge.com	s9.addthis.com
1	z.moatads.com	s9.addthis.com
1	freestar-io.videoplayerhub.com	a.pub.network
1	quantcast.mgr.consensu.org	www.bleepstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	cds.connatix.com	www.bleepingcomputer.com
1	cd.connatix.com	1 redirects
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
0	web.hb.ad.cpe.dotomi.com Failed	a.pub.network vpaid.springserve.com
323	68

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
www.kaspersky.com

Subject Issuer	Validity	Valid
bleepingcomputer.com COMODO RSA Domain Validation Secure Server CA	`2018-05-12` - `2020-05-17`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-11` - `2020-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
j3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-23` - `2021-04-20`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2020-06-12`	a year	crt.sh
dapperdiscussion.com Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2020-05-16`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
admiral.mgr.consensu.org GTS CA 1D2	`2020-04-07` - `2020-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2019-09-05` - `2020-10-19`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.springserve.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.unrulymedia.com DigiCert SHA2 Secure Server CA	`2017-08-30` - `2020-11-27`	3 years	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-01-30` - `2020-07-28`	6 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Frame ID: 857CF3E1F08493B3321B859D9D629437
Requests: 174 HTTP requests in this frame

Frame: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Frame ID: 088551F6F31C463AC97796FE7A6E7B21
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200427/r20190131/zrt_lookup.html
Frame ID: 742D73CD4D1D4D2A30084D8CF3255FF7
Requests: 1 HTTP requests in this frame

Frame: https://admiral.mgr.consensu.org/portal.html
Frame ID: 2A5D9AE8AC8577630AAB04D0C4DB631F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: D012A928A00A9A3FD2DFC4B06C60EDE9
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Frame ID: 46779DC7810E990B4E816E700DC1BD7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1588026539&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1588170319372&bpp=2&bdt=608&idt=598&shv=r20200427&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7113577696587&frm=20&pv=2&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&ga_fc=0&iag=0&icsg=571746090491904&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065472%2C21065474%2C21065925%2C410075106&oid=3&pvsid=1716003269940156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=617
Frame ID: 928B75EB03B3796CF49423B2E12A30E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 9BF7C1908DE7F94C5175001472E7B3C6
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Frame ID: 6BA497F8F32A6B261169EC9BE4EBF867
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 448B004E857D82262318F0A5A9A045E7
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 0EC17C08CB40EEDC004090FEA95A08F6
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 0E462D94065136A57DD5BE066D4A0DAD
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso9Rk3dIdIU8xqgyy9QF9aTN0g2-GFTBoKfDGesDNncRoXYH3QFLnv-dWxfeFO9BshZ7IOzoNuxFLGZe1saSc0HZYCPjNgGx3vmO5-e_BC3Z1F2MUOqFEf04PhIr200UDVr08_7HZ04HCB6XcVMDOp8D9V8ywI5bcQ6eMyLQOOGzVIaEHtUe2FZIHWEnTwEUY7gTERreNjihbtKqDh6gLMl_vR3seP1mqCO7eZrm2tx7g2c597s7WTB3rGlNJw-6BxRMepQ9RlPLVtZHR2LBHcoUAc--Z0hdRq7LguxoxqmFVafRY-G4I&sig=Cg0ArKJSzPXc_wc3EkSjEAE&urlfix=1&adurl=
Frame ID: 5D944F043DB8C77ED9015B55DB128AED
Requests: 5 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1624-0-gff057b5.js
Frame ID: C2214285C9BC2DFE0D4B35AF7806CE9F
Requests: 9 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1624-0-gff057b5&siteId=1101818
Frame ID: 76CE5F2C4255B0622DA926E2DF8C3CA5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js
Frame ID: 19B8934D4191B85E9FF99656EB61E2E5
Requests: 21 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Frame ID: 0E532A22ECA4D5BFFBB796F342DF5132
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Frame ID: 6D6AD67B97FAC85196D9A6F57A3F04A0
Requests: 9 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 4239B974A5168A740551497B280165F1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Frame ID: 740656434DF3C9732F27E3709D67AB90
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 47FD5A459D5BEB45ADC44A82D8A88C20
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 1951FB263F41755EAA646A8F2CBB61A6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 7538A186A52172F9FC269AFA064A41B4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D03630641D5995DEE61E7B40A2118669
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Frame ID: 6251558F27D564C5E3532EA08BEFA3B9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 59E4B069B776BFD9808B82253C2A9BD9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 7B7C841C19790FFACE7B034F49A133DE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3321C649AB930B44A4B1D19071374CB1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 7CAFF833742039AE04EAC58CD40E8925
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: A68B5E99C2E8A1124D1BB2454BDF10F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 07C034E6A4730C82F5AE901C935FE6C2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 9EB65A895AC833B7AE48C04DD0F50B26
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A348F04714D7CA8059D4908D87C37354
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8C63919A1CA96F817F689A7B90E20DF7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C5D0729DF6EE649843EA24A3B044F883
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Frame ID: 77FB6A26F6C84DEA508C26BFBAAB928C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3437D737A8BBF28493B52D5868707F1E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 07E571F42A03184CB832EADAF87FFB1C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Frame ID: D19136D8B229EADFA89D787D04AB1519
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

323
Requests

98 %
HTTPS

32 %
IPv6

38
Domains

68
Subdomains

57
IPs

6
Countries

4314 kB
Transfer

11632 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/blog/covid-fake-delivery-service-spam-phishing/35125/
Title: emails seen by Kaspersky

Search URL Search Domain Scan URL

URL: https://twitter.com/LawrenceAbrams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 22

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/8624/connatix.playspace.dc.js

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 309

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1--- HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---

Request Chain 312

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Request Chain 318

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

323 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/ 68 KB
15 KB 612ms
579ms Document
text/html 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443581d8f12cd9617c7749f95ba778b89d361cf57287edf0d4fe459ee4e10041

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 29 Apr 2020 14:25:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dff7010f530acbaf30194f46fecb89fb21588170318; expires=Fri, 29-May-20 14:25:18 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=8ea8dee55de4d4afbfd12affce426069; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=8224; expires=Fri, 29-May-2020 14:25:18 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Mon, 27 Apr 2020 22:28:59 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58b9b108bc5872f3-AMS
content-encoding: br
cf-request-id: 0267ecf970000072f315386200000001

GET
H2 200 css
fonts.googleapis.com/ 15 KB
988 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 14:25:18 GMT
server: ESF
date: Wed, 29 Apr 2020 14:25:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Apr 2020 14:25:18 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 71ms
25ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2523
cf-polished: origSize=137522
status: 200
cf-request-id: 0267ecfbe40000c8374cbe2200000001
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 26 Apr 2020 13:30:19 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10cada7c837-AMS
cf-bgj: minify

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 51 KB
9 KB 89ms
43ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6362
cf-polished: origSize=60842
status: 200
cf-request-id: 0267ecfbe40000c8374cbe3200000001
last-modified: Thu, 16 Aug 2018 15:28:40 GMT
server: cloudflare
etag: W/"4249134023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 29 Apr 2020 08:38:03 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10cadafc837-AMS
cf-bgj: minify

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 86ms
40ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6723
cf-polished: origSize=14998
status: 200
cf-request-id: 0267ecfbe40000c8374cbe4200000001
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 27 Mar 2019 21:45:08 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10cadb0c837-AMS
cf-bgj: minify

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 84ms
38ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd6b502c34919683743558fe50029dbfbedda461affb44585801c659a2a150d4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2317125
cf-polished: origSize=32904
status: 200
cf-request-id: 0267ecfbe40000c8374cbe5200000001
last-modified: Thu, 02 Apr 2020 18:44:31 GMT
server: cloudflare
etag: W/"2320130075"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 07 May 2020 18:46:33 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10cadb3c837-AMS
cf-bgj: minify

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 92ms
47ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 831
status: 200
cf-request-id: 0267ecfbe40000c8374cbe6200000001
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 58b9b10cadb4c837-AMS
expires: Tue, 10 Dec 2019 08:09:38 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
263 B 52ms
43ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5561
cf-polished: origSize=247
status: 200
cf-request-id: 0267ecfc540000c8374cbf0200000001
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 23 Apr 2020 05:25:20 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10d5f7dc837-AMS
cf-bgj: minify

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 3 KB
1 KB 52ms
44ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 1185
cf-polished: origSize=3848
status: 200
cf-request-id: 0267ecfc540000c8374cbf1200000001
last-modified: Thu, 07 Feb 2019 13:49:44 GMT
server: cloudflare
etag: W/"3981350888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Wed, 22 Apr 2020 23:15:55 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10d5f80c837-AMS
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 27ms
18ms Script
application/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8b35a82a6a7c1365feb8f130f7a875265bb3fc4961f00b2c147a85cc3976ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30159
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Apr 2020 14:25:18 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 32ms
24ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 158166
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
content-length: 1152
cf-request-id: 0267ecfc540000c8374cbf2200000001
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:29:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5f82c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
1 KB

10ms
5ms

Script
text/javascript

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 507
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:46:52 GMT

Redirect headers

date: Wed, 29 Apr 2020 14:25:18 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 266
x-xss-protection: 0

GET
H2 200 Coronavirus-Phishing.jpg
www.bleepstatic.com/content/hl-images/2020/01/31/ 47 KB
47 KB 41ms
33ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2020/01/31/Coronavirus-Phishing.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8e3eecb1d40364b281207debf28220e0d042b8ad9e78e679ab828f419ae18f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 167053
cf-polished: qual=85, origFmt=jpeg, origSize=140449
status: 200
content-disposition: inline; filename="Coronavirus-Phishing.webp"
content-length: 47618
cf-request-id: 0267ecfc540000c8374cbf3200000001
last-modified: Fri, 31 Jan 2020 23:11:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 16:01:05 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5f86c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 dhl-express.jpg
www.bleepstatic.com/images/news/security/phishing/c/coronavirus/ups-fedex/ 41 KB
42 KB 52ms
45ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/security/phishing/c/coronavirus/ups-fedex/dhl-express.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed2c6ce1d2a33048fa3d26a3bddbfd4f68b99e1e3d58a2fe16f636281981b88

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 143774
cf-polished: qual=85, origFmt=jpeg, origSize=75369
status: 200
content-disposition: inline; filename="dhl-express.webp"
content-length: 42282
cf-request-id: 0267ecfc540000c8374cbf4200000001
last-modified: Mon, 27 Apr 2020 21:40:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 22:29:03 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5f89c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 fedex-email.jpg
www.bleepstatic.com/images/news/security/phishing/c/coronavirus/ups-fedex/ 74 KB
75 KB 56ms
49ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/security/phishing/c/coronavirus/ups-fedex/fedex-email.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb49ffd89147180ae5a79edba8315ef8660d11cb33adad155de87a9dee327d1e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 143218
cf-polished: qual=85, origFmt=jpeg, origSize=155243
status: 200
content-disposition: inline; filename="fedex-email.webp"
content-length: 76142
cf-request-id: 0267ecfc540000c8374cbf5200000001
last-modified: Mon, 27 Apr 2020 20:48:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 22:38:20 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5f8cc837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 41ms
33ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cf3eea135c84fa61fc50844f9ffc52b5164216661fb8baa72193b4ae2e979bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39456
x-xss-protection: 0
server: cafe
etag: 17338194221637437792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Apr 2020 14:25:18 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
448 B 36ms
29ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 159463
cf-polished: origFmt=png, origSize=475
status: 200
content-disposition: inline; filename="twitter.webp"
content-length: 282
cf-request-id: 0267ecfc560000c8374cbf6200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:07:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5f90c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 71ms
64ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 219
cf-polished: origSize=65813
status: 200
cf-request-id: 0267ecfc560000c8374cbf7200000001
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Tue, 10 Dec 2019 08:11:55 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10d5f92c837-AMS
cf-bgj: minify

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 23ms
22ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3448
status: 200
cf-request-id: 0267ecfc200000c8374cbeb200000001
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 58b9b10d0ea5c837-AMS
expires: Wed, 29 Apr 2020 07:26:28 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
802 B 39ms
32ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 1171
cf-polished: origSize=3600
status: 200
cf-request-id: 0267ecfc560000c8374cbf8200000001
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Wed, 22 Apr 2020 23:15:56 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10d5f96c837-AMS
cf-bgj: minify

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
10 KB 34ms
28ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 700
cf-polished: origSize=48706
status: 200
cf-request-id: 0267ecfc560000c8374cbf9200000001
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Wed, 29 Apr 2020 08:11:43 GMT
cache-control: max-age=3024000
cf-ray: 58b9b10d5f97c837-AMS
cf-bgj: minify

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 30ms
30ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5250
status: 200
cf-request-id: 0267ecfc2b0000c8374cbed200000001
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 58b9b10d1edcc837-AMS
expires: Wed, 11 Dec 2019 05:46:52 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 349 KB
113 KB 130ms
47ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Wed, 29 Apr 2020 14:25:19 GMT
x-host: s9.addthis.com
content-length: 114924

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/8624/ Frame 0885
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/8624/connatix.playspace.dc.js

1 MB
273 KB

149ms
61ms

Script
application/javascript

151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aef0bedc993fedc80b4c70c6d7f4c3476c0e088cae9980f2a7ad7a2a5a625d7c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
age: 19958
x-cache: HIT, HIT
status: 200
content-length: 278820
x-served-by: cache-dca17782-DCA, cache-hhn4065-HHN
access-control-allow-origin: *
last-modified: Wed, 29 Apr 2020 08:49:03 GMT
x-timer: S1588170319.198321,VS0,VE0
etag: "f83c770879c5f07ad0dda10f34efa9ae"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 3

Redirect headers

date: Wed, 29 Apr 2020 14:25:19 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19155-FRA
status: 302
x-cache: HIT
location: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1588170319.020668,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 383 KB
97 KB 135ms
50ms Script
application/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100f9100601452507a82fd7a081329e8617b16a03f42f279b1833cb6909f2c11

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUmlKwTFwBo62z3XTMU3HDZN1p-Bcw9t2d9euWAUCvxB4RYLdQJjjWhCOe4ZivW9IzEx0TqfWH0j8-RBt5hQyg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 0267ecfca10000dfe706069200000001
last-modified: Thu, 23 Apr 2020 23:00:07 GMT
server: cloudflare
etag: W/"468c25fdb3b5d7390963c74841e8675c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=TxBtYA==, md5=Rowl/bO11zkJY8dIQehnXA==
x-goog-generation: 1587682807973483
cache-control: public, max-age=1800
x-goog-stored-content-length: 392447
cf-ray: 58b9b10dcef2dfe7-FRA
expires: Tue, 28 Apr 2020 16:08:18 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 134ms
44ms Script
application/javascript 212.71.236.117
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-117.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:24:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Wed, 29 Apr 2020 15:24:21 GMT

GET
H2 200 v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i- Show response
dapperdiscussion.com/ 131 KB
36 KB 133ms
48ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

fef5e989f03de7413353bbfa2320235ce9d04b923b8c593001d1e8093cadb2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "600d4abb55bebf812bc270facc363fb29b8feb1ee1e00aeaf6f0f48565e8abcb"
vary: Accept-Encoding
x-hostname: regan
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Wed, 29 Apr 2020 14:25:19 GMT
timing-allow-origin: *

GET
H2 200 v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg Show response
dapperdiscussion.com/ 14 KB
6 KB 133ms
48ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

df1cc069e5f49aae4ea8c39dc3de3d44e35de53420fd279d038a8f936678ba49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "c240feb2ee264c1ffc8845f36b7200c93d93c5b8cb3d002e9186ffc4caaa934c"
vary: Accept-Encoding
x-hostname: regan
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Wed, 29 Apr 2020 14:25:19 GMT
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
544 B 28ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 154809
cf-polished: origFmt=png, origSize=187
status: 200
content-disposition: inline; filename="login_bg.webp"
content-length: 126
cf-request-id: 0267ecfc580000c8374cbfb200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 19:25:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5fa6c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
259 B 29ms
28ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:18 GMT
cf-cache-status: HIT
age: 161034
cf-polished: origFmt=png, origSize=83
status: 200
content-disposition: inline; filename="nav_bg.webp"
content-length: 72
cf-request-id: 0267ecfc580000c8374cbfc200000001
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 17:41:24 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10d5faac837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1263499
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1260184
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
723 B 71ms
46ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 157326
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
content-length: 422
cf-request-id: 0267ecfca40000c8374c804200000001
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:43:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8e7c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
415 B 72ms
47ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 159629
cf-polished: origFmt=png, origSize=129
status: 200
content-disposition: inline; filename="calendar.webp"
content-length: 86
cf-request-id: 0267ecfca50000c8374c805200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:04:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8e9c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
439 B 71ms
47ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 159133
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
content-length: 252
cf-request-id: 0267ecfca50000c8374c806200000001
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:13:05 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8ebc837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
426 B 64ms
45ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 4974
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
content-length: 96
cf-request-id: 0267ecfca60000c8374c807200000001
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Apr 2020 23:46:14 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8edc837-AMS
cf-bgj: imgq:85

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 23ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 13 Apr 2020 13:00:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1387513
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 13 Apr 2021 13:00:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 28 Mar 2020 09:35:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2782179
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:40 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
450 B 48ms
47ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 159306
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
content-length: 256
cf-request-id: 0267ecfca60000c8374c808200000001
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:10:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8f0c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 48ms
46ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 4542
cf-polished: origSize=7617, status=webp_bigger
status: 200
content-length: 7581
cf-request-id: 0267ecfca60000c8374c809200000001
last-modified: Mon, 26 Oct 2015 17:15:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 23 Apr 2020 08:22:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10dd8f1c837-AMS
cf-bgj: imgq:85

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 34ms
33ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/ 217 KB
82 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36df5d608f84bc0aea1fd83e0fdb9da5c7b128c2db7fc540451cdf414fdd81d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83767
x-xss-protection: 0
server: cafe
etag: 11397142916847771023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Apr 2020 14:25:19 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
310 B 36ms
33ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 156288
cf-polished: origFmt=png, origSize=72
status: 200
content-disposition: inline; filename="h4-bg.webp"
content-length: 38
cf-request-id: 0267ecfd3f0000c8374c818200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 19:00:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10ecb62c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
428 B 26ms
24ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 159638
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
content-length: 126
cf-request-id: 0267ecfd400000c8374c819200000001
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 18:04:41 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10ecb65c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 110 B
305 B 20ms
19ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 162323
cf-polished: origFmt=png, origSize=186
status: 200
content-disposition: inline; filename="news_footer_icon.webp"
content-length: 110
cf-request-id: 0267ecfd400000c8374c81a200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 17:19:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b10ecb66c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200427/r20190131/ Frame 742D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200427/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 27 Apr 2020 23:22:27 GMT
expires: Mon, 11 May 2020 23:22:27 GMT
content-type: text/html; charset=UTF-8
etag: 2883597723061595496
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4868
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 140572
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 264 KB
76 KB 78ms
66ms Script
text/javascript 2600:9000:214f:9800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:20:53 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 19:10:19 GMT
server: AmazonS3
age: 669
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 4us2z5vEylyYwDMkW8YLaNego_xRtmz2jK0A-EgQ9qParNSVvlIpRA==
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 77ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5339
date: Wed, 29 Apr 2020 12:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 29 Apr 2020 14:56:20 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
269 B 22ms
21ms Image
image/x-icon 172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 06:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29165
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 30 Apr 2020 06:19:14 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
472 B 510ms
113ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 53fff7cdf2a34d38bb6f8dae4a137fbac9ccc5a691bfb3dc69d681260365f386

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:19 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 478 of 1000 / last-modified: 1588103688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14513
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:19 GMT

GET
H2 200 gallery.js Show response
freestar-io.videoplayerhub.com/ 105 KB
25 KB 61ms
36ms Script
application/javascript 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6891e4bc41124ac51b29a2baba757f7186d0ecdc523e2b9511673738edd697f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
via: 1.1 445645406967c3b88124f0bfd26a1030.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 5784
x-cache: Hit from cloudfront
status: 200
content-encoding: br
x-amz-version-id: cFmWlheoDf0geKh8US3cDiULJQTdxpJH
cf-request-id: 0267ecfe9b0000dff316940200000001
last-modified: Mon, 27 Apr 2020 16:36:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: HAM50-C1
cf-ray: 58b9b110ff7bdff3-FRA
x-amz-cf-id: HrHUNXJ6-iNZ2mtKs-76WpmB31Tl1_5cH0OioOhoaUZgEVFOb_x3qA==

GET
H2 200 prebid-analytics-3.11.0.js Show response
a.pub.network/core/ 364 KB
110 KB 37ms
36ms Script
text/html 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23aca4890fe8b2728dcab78ee9f3b9614cd6cdb0dab2b785d2f8d2d666247cac

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUmddyDCo5xkiFVRkbgCB02uA-0LSYRxzkrfErJEHhWG9XSwK1DDyzF3wdh_GgDnqFDWTeIbfPzAcbVY94e4RQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
cf-request-id: 0267ecfed30000dfe706088200000001
cf-ray: 58b9b1115930dfe7-FRA
last-modified: Thu, 12 Mar 2020 16:03:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=jXxawA==, md5=N4XMnjSG82gI3oX56Od5vA==
content-language: en
x-goog-generation: 1584028993632199
cache-control: private, max-age=86400
x-goog-stored-content-length: 372446
content-type: text/html
expires: Wed, 28 Apr 2021 16:06:37 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 50 B
497 B 486ms
135ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: db9503febe37403ac701d3482cc35bbb66a23dd6ebaed5d15cb69254f8a81817

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:19 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 140ms
30ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 0DB5AF736F61F63C
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=9029
accept-ranges: bytes
content-length: 948
x-amz-id-2: zxZ9QjXWSr8oaCLVYc90sV6rnZo88Bftr2rarhfixtNaNoGpU246ZMWWFRg4ifQvUX0y8VNw/nA=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
877 B 183ms
182ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: gzip
etag: -1659864586--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
akamai-age-ms: 1588170283586
cache-control: public, max-age=28, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 678

GET
H2 200 292x176_Decryptor_Key_Unlock_Ransomware_1.jpg
www.bleepstatic.com/content/hl-images/2019/10/30/thumb/ 15 KB
15 KB 83ms
83ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/10/30/thumb/292x176_Decryptor_Key_Unlock_Ransomware_1.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3cd6b77119c87a7314668530726c55dfba8183082e1946d7a015712eea6643

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 138372
cf-polished: origSize=16089, status=webp_bigger
status: 200
content-length: 15254
cf-request-id: 0267ecff480000c8374c849200000001
last-modified: Wed, 30 Oct 2019 15:01:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 27 May 2020 23:59:07 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b1120d02c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 292x176_MicrosoftTeams.png
www.bleepstatic.com/content/hl-images/2019/09/10/thumb/ 66 KB
66 KB 30ms
29ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/09/10/thumb/292x176_MicrosoftTeams.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b708302d49504e2c6b65803c87a1cbf033f1b1e6319fa8ceb13be1a2868c2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
cf-cache-status: HIT
age: 172800
cf-polished: origFmt=png, origSize=106652
status: 200
content-disposition: inline; filename="292x176_MicrosoftTeams.webp"
content-length: 67354
cf-request-id: 0267ecff480000c8374c84a200000001
last-modified: Tue, 10 Sep 2019 08:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 May 2020 14:25:19 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58b9b1120d05c837-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 portal.html
admiral.mgr.consensu.org/ Frame 2A5D 0
0 150ms
56ms Document
text/html 35.190.76.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://admiral.mgr.consensu.org/portal.html

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.76.239 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

239.76.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: admiral.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
server: nginx
date: Wed, 29 Apr 2020 14:25:19 GMT
content-type: text/html
last-modified: Thu, 16 Apr 2020 16:37:09 GMT
vary: Accept-Encoding
x-hostname: quest
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 Bpze Show response
ad.doubleclick.net/ddm/adj/Adalk/ 11 B
190 B 45ms
30ms Script
text/javascript 172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Adalk/Bpze

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 39ms
25ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 4965
cf-polished: origSize=4895
status: 200
cf-request-id: 0267ecffa00000c8374c84e200000001
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 01 Nov 2019 06:12:37 GMT
cache-control: max-age=3024000
cf-ray: 58b9b1129ec4c837-AMS
cf-bgj: minify

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 35ms
22ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 593
cf-polished: origSize=26776
status: 200
cf-request-id: 0267ecffa00000c8374c84f200000001
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 03 Jul 2019 05:12:31 GMT
cache-control: max-age=3024000
cf-ray: 58b9b1129ec7c837-AMS
cf-bgj: minify

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame D012 0
0 64ms
48ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 17 Apr 2020 14:58:01 GMT
expires: Sat, 17 Apr 2021 14:58:01 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1034838
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 g Show response
ck.connatix.com/ 46 B
103 B 68ms
34ms Script
text/plain 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.connatix.com/g?callback=cnxJSONP_230e0f0b4e472e823b151588170319873
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 2effc137b6f5da1ca48665a912804f2eb23855e069e1ad36c52000ce85bae0a8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:19 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19155-FRA
x-cache: HIT
status: 200
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1588170320.929937,VS0,VE0
content-length: 46
retry-after: 0
x-cache-hits: 0

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v32/ Frame 4677 0
0 25ms
8ms Document
text/html 2600:9000:214f:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v32/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Tue, 24 Mar 2020 19:10:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 29 Apr 2020 14:24:03 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: HgsDzYHiD8Po0XoDHfKXyNZTJonNfUzFmnzgSju7lT1OawX2QcYmrw==
age: 136

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 928B 0
0 190ms
132ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1588026539&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1588170319372&bpp=2&bdt=608&idt=598&shv=r20200427&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7113577696587&frm=20&pv=2&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&ga_fc=0&iag=0&icsg=571746090491904&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065472%2C21065474%2C21065925%2C410075106&oid=3&pvsid=1716003269940156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=617

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1588026539&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1588170319372&bpp=2&bdt=608&idt=598&shv=r20200427&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7113577696587&frm=20&pv=2&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&ga_fc=0&iag=0&icsg=571746090491904&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065472%2C21065474%2C21065925%2C410075106&oid=3&pvsid=1716003269940156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=617
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Apr 2020 14:25:20 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: IDE=AHWqTUm8A3YnWU_Cclk_0cRYkFHOTNVl8jMJHIf76I605TGEIy8R5QkHuqTxzp2A; expires=Mon, 24-May-2021 14:25:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Wed, 29 Apr 2020 14:25:20 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 98ms
39ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28343
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:20 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
199 B 16ms
16ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=96519575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ul=en-us&de=UTF-8&dt=Fake%20Fedex%20and%20UPS%20delivery%20issues%20used%20in%20COVID-19%20phishing&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1600358056&gjid=1349543528&cid=561706886.1588170320&tid=UA-91740-1&_gid=833234309.1588170320&_r=1&gtm=2ou4f0&z=594825689

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 879ms
796ms Font
application/octet-stream 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 801
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 58b9b1150cdb2b38-AMS
access-control-allow-origin: *
content-length: 65452
cf-request-id: 0267ed012000002b3860084200000001

GET
H2 200 org Show response
mrb.upapi.net/ 19 KB
9 KB 89ms
24ms Script
application/javascript 2606:4700:20::681a:81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f75ab98f22e9dd3968d6a6edc2d43f31857108c5e4c2cfa78f57f0b5ce131fc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2554
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0267ed0123000006187ab9b200000001
server: cloudflare
etag: W/"3add7ce7613a0df00b0aa07083039302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 58b9b1150d750618-FRA

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ 237 KB
86 KB 128ms
58ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:20 GMT

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v32/ 266 KB
75 KB 7ms
7ms Script
text/javascript 2600:9000:214f:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10e73f57ed1405cdfe501a57b808fe434d5c073966be89bd7cc917e485c8bda6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:17:33 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 19:10:15 GMT
server: AmazonS3
age: 616
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: JG3_3ZWLn5uHOF4UMxEKA97WrnmfdimAaXwj3mWG3kPoGvZuzwKj4A==
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 55ms
53ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 29 Apr 2020 14:25:20 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 0885 912 B
899 B 576ms
130ms XHR
application/octet-stream 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 864d16904328f4218d049ea3fb07e13a5bc48f1ed1701872626b8461d27ef932

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:20 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 404 pubvendors.json Show response
www.bleepingcomputer.com/.well-known/ 40 KB
8 KB 644ms
644ms Fetch
text/html 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/.well-known/pubvendors.json

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

417e64f682e69e94e72c2738fcad74bbc5cf7cea1e234c901c8858577f2b4d77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
content-encoding: br
vary: User-Agent
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 404, 404 Not Found
content-security-policy: upgrade-insecure-requests;
cf-ray: 58b9b1155fad72f3-AMS
cf-request-id: 0267ed0155000072f3153f6200000001

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
18 KB 55ms
8ms Fetch
application/json 2600:9000:2057:fe00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:fe00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43fbafd9f9ecb62e74f7bec9f1fa005c5fabd2efe8511d16c254e57697b96c08

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 16:10:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 512062
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 23 Apr 2020 16:01:23 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: P45PiKW08luvYJKm8dX1nviifEJMWRs.
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: FwO47lm9b0RzMMNNqk2zLfIyoBZawT8OoFnhwiaU2gsbAKL7Q-taMA==

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
18 KB 10ms
9ms XHR
application/json 2600:9000:2057:fe00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:fe00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43fbafd9f9ecb62e74f7bec9f1fa005c5fabd2efe8511d16c254e57697b96c08

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 16:10:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 512062
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 23 Apr 2020 16:01:23 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: P45PiKW08luvYJKm8dX1nviifEJMWRs.
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: OHZA03ZlpRsJNnrAr4oAcqFpjBe-Dx1xt8hJ3pkWXrN8dLrkLPgtFg==

GET
H2 200 code Show response
mrb.upapi.net/ 668 KB
214 KB 58ms
54ms Script
application/javascript 2606:4700:20::681a:81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/code?w=5733492711227392&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1be475b28feb52ab0df005d33076800c610c5231f0dfc490a495bc51f88c101

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2349
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0267ed01a9000006187aba9200000001
server: cloudflare
etag: W/"00f202b6c940bd08af90dab7332cae88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 58b9b115d8ed0618-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 101 KB
26 KB 152ms
52ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 22:12:28 GMT
content-encoding: gzip
server: Server
age: 58371
etag: 9939711bec30b55c0ff5bad3b91f63c9
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZFhvJ0InPvWepUx4Yr8NAOrNAWF37XeM7BXLVIS9AIogXgHYkI_UgQ==
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 2 KB
2 KB 122ms
118ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 1d28ba92a80af043bec316138bc89bbba15e09301ec6901a665cb9d2ba29e2ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:20 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
596 B 208ms
129ms XHR
application/json 143.204.202.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-95.fra53.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 659b7e91-cbc9-458f-b5ed-bc8af89d67cd
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: LwMsnEgmoAMF4Pw=
content-length: 50
access-control-allow-origin: https://www.bleepingcomputer.com
x-amzn-trace-id: Root=1-5ea98e50-7a8c4520e018376c58b72d9e;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: 7nEDXFcQLKa6v6d_dPMNTLcSNoNyLhI07URDbbXSQzdpErwt3c5QBg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 166ms
76ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 01:28:26 GMT
content-encoding: gzip
vary: Origin
age: 46614
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: EE_C857vl52dmJoHaWRWT8kqJRDN8jhdf9WVXTTBH6X-tK366aRqdA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 89ms
88ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&pid=z2pdXO3LffWZO&cb=0&ws=1600x1200&v=7.49.02&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:20 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: AaC-rf7G69uYo0VcBL9muTpFKkADsQ5PhjEvMK_Z66DexvJukQT5hg==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 48.008759e9efe1c1b693dd.js Show response
s7.addthis.com/static/ 281 B
486 B 66ms
66ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-119"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 29 Apr 2020 14:25:20 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 246

GET
H2 200 / Show response
graph.facebook.com/ 310 B
418 B 113ms
46ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_6g2i0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49538b060389964ffdecbb874c315d308294862bb0ecfc1468ec14b513f9e821

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "bb3128fbda560af723cc12fa48a42421428b1181"
status: 200
x-fb-rev: 1002059046
alt-svc: h3-27=":443"; ma=3600
content-length: 217
pragma: no-cache
x-fb-debug: Fpmm5AFJgUiRJ3lA2HXk225DoLyXzc5MLvHbLo8H5MHlsaNgbv9Gj5RHD2PDRBBl/nQ87kmKjAG4MojxhV666Q==
x-fb-trace-id: G1doDvFCNOl
date: Wed, 29 Apr 2020 14:25:20 GMT, Wed, 29 Apr 2020 14:25:20 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AmAHAevmSgGKinUbEjPkZ3B
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
258 B 266ms
175ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&jsonp=_ate.cbs.rcb_h42l0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

39109e4fc4d2c3521a712f08c7a5e8f23c64492adbe1e7c1505f154c60ec5b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-man4139-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1588170321.889980,VS0,VE129
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
graph.facebook.com/ 148 B
553 B 108ms
41ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_gyts0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3658a66625c19fec3cbd0f2b3399ebdd21b600d7a353b470be9a955e5f84409a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "6cffcc5a5e9f34dd47d20fdf23bfc3fce69b5281"
status: 200
x-fb-rev: 1002059046
alt-svc: h3-27=":443"; ma=3600
content-length: 148
pragma: no-cache
x-fb-debug: bfnS7WPvidG41iaKCB8buPj86RLECYTHaw7H42LNCxJYZf+/PWxfwFBDmZyrkwRt1NevQOTLoQOE34qshjztIg==
x-fb-trace-id: Hdf/9A4SJCE
date: Wed, 29 Apr 2020 14:25:20 GMT, Wed, 29 Apr 2020 14:25:20 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AydVlcWPfjLS0TbeDuK2e3D
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
668 B 232ms
141ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&jsonp=_ate.cbs.rcb_16v00

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0d1ec490e2c13032e3e7db7bd1e1d5ba7f31854108540efcb527410a80d55438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-man4139-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1588170321.890045,VS0,VE113
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 134ms
134ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:20 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 d313ef0a-10e0-41e8-ac03-70de0a635710.bin Show response
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 0885 2 KB
2 KB 126ms
20ms XHR
application/octet-stream 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/d313ef0a-10e0-41e8-ac03-70de0a635710.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 471cc41da4d88922e1fe2d90e72a26d99cb30d9ca1ef178341b55018b6435265

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 29 Apr 2020 09:43:40 GMT
age: 16818
etag: "41d8a86dfa8e1604de17931ed5964393"
x-served-by: cache-sjc10032-SJC, cache-hhn4053-HHN
status: 200
x-cache: MISS, HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1588170321.090060,VS0,VE0
content-length: 1818
x-cache-hits: 0, 2

GET
H2 200 1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 7 KB
7 KB 65ms
63ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1279232
x-cache: HIT, HIT
fastly-io-info: ifsz=11996 idim=794x206 ifmt=png ofsz=6988 odim=794x206 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 6988
x-served-by: cache-dca17728-DCA, cache-fra19155-FRA
x-timer: S1588170321.017897,VS0,VE1
etag: "ZtgrrdcQwjijqgVjQ/zsHTfkgcr8y8OnGx9yjy8Yz/Q"
vary: Accept
x-amz-request-id: 104E1BE99E9AAF01
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 2, 1

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
485 B 96ms
25ms XHR
text/html 13.35.253.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1588170321097;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F;;;;;p,off,false,,1,en,32,199,true,false,false;displayConsentUi:mandatory,;GDPR-59muktpovi34jmyoh5s2
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 03:13:06 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
vary: Origin
age: 40335
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 1-XfG8IScUVVkozw4LzqG0lJ2tl_ujOyoLff9Jtgj_up_GoHrrMxOA==

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 173ms
173ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:21 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 299ms
124ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:21 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 b82c42c0-0073-4c96-aa85-3d7dfa632018.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 63 KB
63 KB 76ms
76ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/b82c42c0-0073-4c96-aa85-3d7dfa632018.jpg?crop=834:541,smart&width=834&height=541&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 65105598e3320d806e2c957ff970beb036b363753b21c837dec2c70462699199

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16909
x-cache: HIT, HIT
fastly-io-info: ifsz=109877 idim=1280x450 ifmt=jpeg ofsz=64538 odim=694x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 64538
x-served-by: cache-dca17752-DCA, cache-fra19155-FRA
x-timer: S1588170321.487288,VS0,VE1
etag: "QPC6N9oqJFv5Q4SLDG+dDkhrYTVZ3IEnhfypsvfi7U4"
vary: Accept
x-amz-request-id: EEE3F4624B8B0F5A
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 b82c42c0-0073-4c96-aa85-3d7dfa632018.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 72 KB
73 KB 65ms
65ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/b82c42c0-0073-4c96-aa85-3d7dfa632018.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cacf1a4af372d2f3cb8e778f38e0f223cbd91dbca4af50ba4e1798f06e73b00f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16909
x-cache: HIT, HIT
fastly-io-info: ifsz=109877 idim=1280x450 ifmt=jpeg ofsz=74200 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 74200
x-served-by: cache-dca17745-DCA, cache-fra19155-FRA
x-timer: S1588170322.501255,VS0,VE1
etag: "Ziqp3P8IsH4swbdPPqD/S44xlqah+YUwi4cNeOWEPvw"
vary: Accept
x-amz-request-id: EEE3F4624B8B0F5A
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 f0fabd85-7c09-45e0-bbe6-a4fccf604250.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 136 KB
137 KB 66ms
66ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/f0fabd85-7c09-45e0-bbe6-a4fccf604250.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3dc2e5dcd675070a4cfe5124471e7201dd686d019143ff4e4c2feaf4e3f46ab5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16909
x-cache: HIT, HIT
fastly-io-info: ifsz=184645 idim=1200x465 ifmt=jpeg ofsz=139612 odim=827x465 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 139612
x-served-by: cache-dca17732-DCA, cache-fra19155-FRA
x-timer: S1588170322.501924,VS0,VE1
etag: "UzezUx5l36noUWq+LRHoAknPyhDQ18OghkL/0ZT0VTg"
vary: Accept
x-amz-request-id: BC44F7B52C5E8756
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 0b9005f5-34e2-4a69-875a-04b4bb69123e.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 49 KB
49 KB 71ms
71ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/0b9005f5-34e2-4a69-875a-04b4bb69123e.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c203d80677729ad9632bda472ec855e65d35b25ac0a1ec5ec6cd5a48ebe3708e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16909
x-cache: HIT, HIT
fastly-io-info: ifsz=126650 idim=1280x450 ifmt=jpeg ofsz=50076 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 50076
x-served-by: cache-dca17742-DCA, cache-fra19155-FRA
x-timer: S1588170322.502637,VS0,VE1
etag: "v+weLoC+7q/qHn4pRBVKfJ3tpXqfOo+WEsJsRKuvvEA"
vary: Accept
x-amz-request-id: 98E46B4428712698
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 81c11613-6aec-42bf-a90f-b8a2cc4c74e3.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 28 KB
28 KB 70ms
70ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/81c11613-6aec-42bf-a90f-b8a2cc4c74e3.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 57194dc30acd0fdee283528bffce5287d662eb8de66ae12573456344dbe4f17d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16909
x-cache: HIT, HIT
fastly-io-info: ifsz=55739 idim=1280x450 ifmt=jpeg ofsz=28194 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 28194
x-served-by: cache-dca17757-DCA, cache-fra19155-FRA
x-timer: S1588170322.503164,VS0,VE1
etag: "TDS2tzkOjpJa3lSSc5LSIP+zGHF2npWiv+kibfduZXA"
vary: Accept
x-amz-request-id: E97D94936397082A
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 a2ed2202-0579-4c3e-8975-2b3401261205.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 28 KB
29 KB 70ms
69ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/a2ed2202-0579-4c3e-8975-2b3401261205.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1ee966e382024032b7ad03df63123377ce1b0b271525b588839adc7e2601ad9c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 16907
x-cache: HIT, HIT
fastly-io-info: ifsz=72118 idim=1280x450 ifmt=jpeg ofsz=29126 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 29126
x-served-by: cache-dca17745-DCA, cache-fra19155-FRA
x-timer: S1588170322.505127,VS0,VE1
etag: "qfWdA1T1lM/8BieatBIGHBNCoVJMTuDnlkyNEcX8Td8"
vary: Accept
x-amz-request-id: B2723111A23AB73C
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 84ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200427&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f64b4cab88250c726f0baec6657db4c11047fc785b509de52b19e8fd9f0cddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5449
x-xss-protection: 0

POST
H2 200 v2wvjt9WTKZOGnR3s-hVMl5QRv_80QOlaW7M5DAOfEkO7bQW2tdbNL0XaDNDlvyK5MVhwmyqNK06WdTXanw Show response
dapperdiscussion.com/ 216 B
611 B 239ms
127ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2wvjt9WTKZOGnR3s-hVMl5QRv_80QOlaW7M5DAOfEkO7bQW2tdbNL0XaDNDlvyK5MVhwmyqNK06WdTXanw

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

a452b4cf42ce31d965cec634cb1708120726889e73dd5962583a9b5a75a76d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Wed, 29 Apr 2020 14:25:21 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: regan
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 29 Apr 2020 14:25:20 GMT

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 221ms
132ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 277ms
144ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=46c221d4-d9b6-4746-a340-b674c1177fb3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8310217414920729
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d8ef1dca732171b51043f38952a88febf00422bbbc60a0a84cf33eddb9dacf0a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=103
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 240ms
107ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=8d836c1a-dfa8-4df1-a478-3bd9710c34f6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.12045374554544774
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 15a58c5c91d080e1a1ba709a8357bbd3225e6fd17a6a792f13de7b041966eda3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=201
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 269ms
136ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=45d85ee7-a1e0-4bfd-86d4-578f83768168&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6154963187774907
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 74fd8d03f63d99ec2b0425d939945ace5e3645a61b187cbbb5ddc2d31571a812

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=251
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 8 KB
5 KB 279ms
151ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=db3b15b3-f4d8-473c-84c6-98ed6dfce334&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5028885621471464
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 815b95fe5ef251b383ff3051085d45a3c9a26720aa3d19cab9d85c279919be44

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=429
Content-Length: 4047
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 265ms
136ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=f6f32f99-f950-4079-9b53-811228791f18&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.786658862747712
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4ae54bf5af9ae99bbb75a1145fdf994222580ffab2899759bcea09a449868266

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=418
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 273ms
140ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=7d66556d-b3e4-489c-ab7b-8b1b5cd08aca&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.19114643018459887
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: acef9b7770ef40c81a02927552ab39038a09ed2f123fbdb79fbe7e591e056e2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:21 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=358
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 362ms
258ms XHR
application/json 35.157.31.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.11.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tmax=1200&us_privacy=1---

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.31.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-31-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:22 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 722 B
1 KB 144ms
46ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

894cc1c8de94f90662cb6d4408651b69d6190e13ce107069d28e643045464e1b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 117f8687-d637-452a-a614-b50dea6f5ddf
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
62 B 122ms
27ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 58b9b11fe9efd925-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0267ed07ef0000d925c1bbe200000001

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
431 B 121ms
26ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:25:21 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 58b9b11fe9f1d925-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0267ed07ef0000d925c1bbf200000001

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 146ms
23ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=70d843c40f9b0d1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 149ms
25ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=71dc6a8bff434e3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 99ms
24ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=72f634c9e43b086&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 108ms
33ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=739d816f6fbe70c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 98ms
23ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=74cb54df41c2986&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 114ms
41ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=75fdb06956cbe44&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 96ms
24ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=76434848eb59cb6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 97ms
25ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=77bffa140204d5a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 109ms
37ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=78b419489156d41&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 111ms
39ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=79b4db237e70f46&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 125ms
53ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=809da6f73ac9393&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 730 B
1 KB 190ms
137ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4379f9608e7849871f53c92fd6c157a52c1d5122c3622bf9eb182849d426441c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.50:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6f42dc93-3386-4c63-9cf4-9ef267f8f4f1
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 785ms
395ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%228805139168890dd%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2289b4b6d32d5caa5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22907314fd8563ce7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22911faaf9b01169a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22928437e5d113af7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2293618f2df424f8f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2294884b4cdbe7ec7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229508c74dc206b05%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229647c9d18e8b21a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229781e57f9dd7888%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22984f7bff12ae646%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229994cd5ab4a77ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22100ff507a49cd642%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22101abd9a3c14957c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11c155ff580a0d5240e2650ea4e6fafb6b5912f90f273ccbf0219a68164d992e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Wed, 29 Apr 2020 14:25:22 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 191 B
589 B 587ms
265ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=46c221d4-d9b6-4746-a340-b674c1177fb3%2C8d836c1a-dfa8-4df1-a478-3bd9710c34f6%2C45d85ee7-a1e0-4bfd-86d4-578f83768168%2Cdb3b15b3-f4d8-473c-84c6-98ed6dfce334%2Cf6f32f99-f950-4079-9b53-811228791f18%2C7d66556d-b3e4-489c-ab7b-8b1b5cd08aca&nocache=1588170321862&us_privacy=1---&pubcid=12215568-890b-4678-b759-c1ba9e1d66c5&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250%2C540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: 6ffe8c38f0ecf63bc22acf29e733065746956b810a0dd10f5f8a8fcb76cb6e17

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:22 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
19 KB 678ms
672ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1716003269940156&correlator=4442492709386288&output=ldjh&impl=fifs&adsid=NT&vrg=2020042302&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Cfsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1588026539&dt=1588170321897&dlt=1588170318764&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C6945%2C327%2C1136%2C5514%2C7451%2C1661&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&dssz=61&icsg=140738193031168&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x7451%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

c2dd3a53be6b47cd71caf097061ef67b5a57ed9cba7a455dfde9ca4480a82380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 19157
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2,4769125089,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2,138241540478,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 16ms
10ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200427/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:22 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 617ms
169ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 53fff7cdf2a34d38bb6f8dae4a137fbac9ccc5a691bfb3dc69d681260365f386

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:22 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 0885 2 KB
2 KB 479ms
62ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e61073dd59a17ef60e8f3661104772d10b69d1ce7267562f6d865d015139f73

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:22 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 959

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 179ms
175ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:22 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 9BF7 0
0 50ms
50ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 29 Apr 2020 14:14:26 GMT
expires: Thu, 29 Apr 2021 14:14:26 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 656
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

POST
H2 200 v2lqbrHJBqa0tWRq-KlfBQU0wpPt_D7WdolW1HGyvkL_Mul8cnS5NMjPuSJ5XSm0lXKtK25QyldJTWnSVsQ Show response
dapperdiscussion.com/ 3 B
59 B 55ms
52ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2lqbrHJBqa0tWRq-KlfBQU0wpPt_D7WdolW1HGyvkL_Mul8cnS5NMjPuSJ5XSm0lXKtK25QyldJTWnSVsQ

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Wed, 29 Apr 2020 14:25:22 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
x-hostname: regan
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 vpaid_d96b83eb.js Show response
vpaid.springserve.com/production/ Frame 6BA4 459 KB
101 KB 196ms
74ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9d864244e6595f136525dc301a9c77ad013081464dc19620cd9689e9368af400

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:22 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 13:14:26 GMT
server: AmazonS3
x-amz-request-id: 8DD217480A77F694
etag: "fe36ff83044b1fa8ebda59f1f26d2cb0"
x-hw: 1588170322.dop146.am5.t,1588170322.cds220.am5.hn,1588170322.cds150.am5.c
content-type: application/javascript
status: 200
cache-control: max-age=2193610
accept-ranges: bytes
access-control-allow-origin: *
content-length: 103484
x-amz-id-2: toHjG5tybvGNpZ4K24eG2J3AfY0/7Z9RH0GiX97kgPnlBMi2k6RLEigXNbgNheR+Df9BZhgAfbk=

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
68 B 21ms
13ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200427&jk=1716003269940156&bg=!lZallo5YZQCZJ_tJbJACAAAA6lIAAABPmQGAnLmc8thykGPj-vQCdSYd-keCOy0NK_HV2qAQoIx2QPr1ueTx2qsNxZ4H0tTH9qoQpPMqZOYSdw34sVscZV85qZOeK87eHnASMNTTZA5DktkgjesmGXfn9W5tL1RagGBmVeQ31xHYervRl-_E_TuP6l0DyabxMcaCvoaOZN2JAqKeocFqBuJ2rp4IPs_IE6yx2_etL2yXH3nIytFTBPpqo9crqUswB3cxNcI679r1yvbn4Ee-dRGTaB0eiMnWzO0XsxOAwhalvvR4Xx-R_08g9gJm8nvD992AF61mYtgLp8yw8dCYNtakDnsVTyB8njrqTYzHX6Oehl44RYWuyMQMepmJnRjx76babxeyrzsfrftcAvFAnJSZ1_rQ-eqg69Ng1Tm4WP4pcu14ToRzI6wc3776D3X44Q3Uo9KMk5gi8S11hNozeCRd-GofON2YQktrBQDxlaGMcOCoIrM6ejK4adsFJyJFTIyKce2oTOuLV2cfxk73IVULEICdDFz-Vg1E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 448B 200 KB
56 KB 99ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4743
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:06:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:06:19 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 448B 200 KB
56 KB 100ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2762
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:20 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 448B 16 KB
6 KB 111ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193779
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 08:35:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "955d460ecdaddff4"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 08:35:43 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 448B 93 KB
28 KB 110ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2760
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28417
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:22 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 448B 3 KB
1 KB 109ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107950
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7405f8d8da732be7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:12 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 448B 46 KB
15 KB 107ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107952
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "37d2c34b66959890"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:10 GMT

GET
DATA 200
OK truncated
/ Frame 448B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87c026e7d30f938d36f30278fb1976b871a70f92ef16fc423e63bf5c1f0e209

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ 20 KB
7 KB 80ms
72ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2777
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7162
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "124c7b7cd5d53550"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:05 GMT

GET
H2 200 10103533927608154387
tpc.googlesyndication.com/simgad/ Frame 448B 86 KB
86 KB 66ms
64ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10103533927608154387?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdVSPLg9RTljrNm7ZN_B6XYNyqUg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

879050e160fbacb2e07fa03c7cd2425c293362a0a47c961bb1d6721e7c1ac3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 21:38:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 21:46:23 GMT
server: sffe
age: 2393191
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87892
x-xss-protection: 0
expires: Thu, 01 Apr 2021 21:38:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 448B 2 KB
3 KB 65ms
63ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53489
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 448B 295 B
522 B 65ms
63ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59522
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 448B 0
0 68ms
67ms Image
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPbnH8sFgu9zSkFLyIzbrWdHWEjiG2IDDyt1LTsTAwnDI5YV5rzZNGYgC7-velFf5M_dzydT3gUCYdySOjX-ZkqOwlGw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 448B 0
0 69ms
68ms Image
text/html 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8PkRUo6pXsHCA8Lj7gPT5rOABL6rh-1cqs6l0cEL6Kq2lYsDEAEg2tfFOWCRhICAjBigAZKZq_wCyAEC4AIAqAMByAMIqgTHAk_Q-CWfJ1Zn8pLpwhkxBvDv-bsip8Neelk9luULHyh7IIWNyIc0gGZ_a7GmfwPW9hH2PSD4L17xTf0h6p13tU9g5ZXSspcNSbOzLz0H5IPpD5SrabPJwLzpz5JnqZeVBLTXhMUZkzQc_ynDmY5PwZ-qAHtbTMJVUrQj0mkMuIOcCZ9WI8kRiKm4uCLJIFrNcBrL2Omt-1n8RM_mlE3w8_SmyL73unCAmTy_s4NyFn-TBWhMnYJpPms_cYXP5xx0MaTY-pX2XkwHsOYt5R2-2zbDtrWigSayXVvNUF2M_qqK-mdVFuKVxi1w4d9cDuUPnTsJSXMy6kFmikCRGhot33VC6RJq7K5gBhuXlaQfTzX8kJ7C4hYjX4wKdjhW3WZMS2v-foQnHeuPBYDcc3XbT5g84VwOwF_zDumWOoBph-7_JiA8O1_0dcAExurvhv0C4AQBkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMaSA9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTCg&sigh=_lNMFCzvT5I&tpd=AGWhJmsKLT28bomVdIwiPRWkyUQxqvLkDUhh86JNNyk7yOvQMQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0EC1 200 KB
55 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4743
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:06:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:06:19 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0EC1 200 KB
55 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2762
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:20 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0EC1 16 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193779
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 08:35:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "955d460ecdaddff4"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 08:35:43 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0EC1 93 KB
28 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2760
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28417
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:22 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0EC1 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107950
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7405f8d8da732be7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:12 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0EC1 46 KB
15 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107952
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "37d2c34b66959890"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:10 GMT

GET
H2 200 10103533927608154387
tpc.googlesyndication.com/simgad/ Frame 0EC1 86 KB
86 KB 9ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10103533927608154387?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdVSPLg9RTljrNm7ZN_B6XYNyqUg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

879050e160fbacb2e07fa03c7cd2425c293362a0a47c961bb1d6721e7c1ac3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 21:38:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 21:46:23 GMT
server: sffe
age: 2393191
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87892
x-xss-protection: 0
expires: Thu, 01 Apr 2021 21:38:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EC1 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53489
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EC1 295 B
355 B 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59522
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 0EC1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441648cd30b738cafe7fc759b65110693960f7e427a14814fffce12f768b9808

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0E46 200 KB
55 KB 22ms
4ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4743
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:06:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:06:19 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0E46 200 KB
55 KB 95ms
76ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2762
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:20 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0E46 16 KB
6 KB 104ms
85ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193779
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 08:35:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "955d460ecdaddff4"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 08:35:43 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0E46 93 KB
28 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2760
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28417
x-xss-protection: 0
server: sffe
date: Wed, 29 Apr 2020 13:39:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Apr 2021 13:39:22 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0E46 3 KB
1 KB 102ms
84ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107950
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7405f8d8da732be7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:12 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0E46 46 KB
15 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107952
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
server: sffe
date: Tue, 28 Apr 2020 08:26:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "37d2c34b66959890"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Apr 2021 08:26:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0E46 5 KB
718 B 89ms
71ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 14:25:22 GMT
server: ESF
date: Wed, 29 Apr 2020 14:25:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Apr 2020 14:25:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0E46 5 KB
764 B 88ms
70ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 14:25:22 GMT
server: ESF
date: Wed, 29 Apr 2020 14:25:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Apr 2020 14:25:22 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E46 2 KB
3 KB 86ms
70ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53489
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E46 295 B
355 B 85ms
69ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59522
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 0E46 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cef923dd4bb7203ccd56b6f1e394fd309f46228771fe4ce07e0b8e5788652b0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5D94 0
0 79ms
73ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso9Rk3dIdIU8xqgyy9QF9aTN0g2-GFTBoKfDGesDNncRoXYH3QFLnv-dWxfeFO9BshZ7IOzoNuxFLGZe1saSc0HZYCPjNgGx3vmO5-e_BC3Z1F2MUOqFEf04PhIr200UDVr08_7HZ04HCB6XcVMDOp8D9V8ywI5bcQ6eMyLQOOGzVIaEHtUe2FZIHWEnTwEUY7gTERreNjihbtKqDh6gLMl_vR3seP1mqCO7eZrm2tx7g2c597s7WTB3rGlNJw-6BxRMepQ9RlPLVtZHR2LBHcoUAc--Z0hdRq7LguxoxqmFVafRY-G4I&sig=Cg0ArKJSzPXc_wc3EkSjEAE&urlfix=1&adurl=

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:25:22 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:22 GMT

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ Frame 5D94 10 KB
4 KB 272ms
96ms Script
application/javascript 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d8c671d4de954e4f58c46514f884d501b9c642c0df85e480c8a206a99ca60d1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:17:32 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Thu, 29 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 29 Apr 2020 14:09:25 GMT
server: AmazonS3
age: 472
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7QJCBhFAux6DgtO4HQ_RGentwuCMOrsKtqEnuBPEapXyWkQiY0juZw==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D94 75 KB
28 KB 79ms
73ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:25:22 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
377 B 82ms
63ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&pid=z2pdXO3LffWZO&cb=1&ws=1600x1200&v=7.49.02&t=1000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BX_Ru0FEkyYeGkjVRZ1K3cmEKnvCQquRpXLn2hIxSXhUPoJQG3a_XA==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 103ms
92ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 178ms
166ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=e5f8ae2d-f442-4b39-8cf4-85eb64e4706e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6293767136071151
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ccd40ac227234cf6e9f7724dad96ce563f27f74c99d54e764af1451c424cdf0b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=461
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
1 KB 190ms
180ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22119a39eb31af8808%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22120af1033e0f17e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212108031a091b393%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 52008fa6b53dc0fb50d80c588c6ee9720d36c30e79d07e6eb7baacfed08f59cb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 29 Apr 2020 14:25:23 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
483 B 180ms
171ms XHR
application/json 35.157.31.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.31.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-31-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 67ms
62ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

79b713d858bbeee3a5bb7617c582aff43a1f8e40710254a572b72afd3b846ce8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid: edc44c0f-0c87-44f5-bb78-ee63cb39308f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
191 B 62ms
58ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 58b9b126bfb4d925-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0267ed0c370000d925c180c200000001

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 191 B
379 B 267ms
263ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=e5f8ae2d-f442-4b39-8cf4-85eb64e4706e&nocache=1588170322986&us_privacy=1---&pubcid=71176762-bd0a-414b-a96a-8f832da10b04&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=300x250%2C300x600&divIds=bleepingcomputer_300x250_300x600_160x600_Right_2&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: 112993c13c6a594a490f990e71cd4b51a70b70cd17e21374f85dd11ed0ffd51e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 63ms
59ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=136a03e6bf7116f4&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 62ms
59ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=1374ec23be8ee0f9&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 122ms
120ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3c2d219320caf0bd31bde137353675e882aef62a2fa606c7e0b2291ee0760ea0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid: f2c25b22-caf5-4f31-998f-f47aa9b2d8bb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 114ms
110ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&pid=z2pdXO3LffWZO&cb=2&ws=1600x1200&v=7.49.02&t=1000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: M9dsqFNDJ7duoefx7h3dn0XfZWkTTjzYkCiJGBUTcg0-b-H8_QSOhw==

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 103ms
103ms XHR
application/json 35.157.31.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.31.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-31-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
1 KB 190ms
189ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22146753505ed0f296%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22147fdf065d5e8518%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc99761dd1551803ae2d653f9f0b19e9fc06802c1eb6c27453151ca59a649b1f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 29 Apr 2020 14:25:23 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 194ms
194ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=c956c792-eb7d-4733-9382-e5be64cf9b92&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3013529565074382
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 27624d4f44365d9ee8d2c970e9465b1f0950ffda46ca93e6b4536f6754ed5169

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=374
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 22ms
22ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 58b9b12738e8d925-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0267ed0c7e0000d925c1811200000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 111ms
110ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 95ms
95ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

36f5968713e593de0803545a576c29eeeb58a9ac25f83ce887f0a67ea6c19d7d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.203:80
AN-X-Request-Uuid: 4fab8368-cf9a-43dd-ba05-75135ab0ce08
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 91ms
86ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=1572b96ee710b3fc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 292ms
97ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f4835739ea23c396092a1b4f13457c91c0dd309754000daa0fa1a3ed3d226c7b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid: 153c8dbe-d5c1-4d0d-b4e1-897ae42eda8d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 191 B
382 B 187ms
186ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=c956c792-eb7d-4733-9382-e5be64cf9b92&nocache=1588170323068&us_privacy=1---&pubcid=71176762-bd0a-414b-a96a-8f832da10b04&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90&divIds=bleepingcomputer_728x90_320x50_InContent_1&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: cfb7a82fce6138ecaddbb87f4595f3eabe282af245852d99faa8ab01c7574fb1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 176
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 98ms
97ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&pid=z2pdXO3LffWZO&cb=3&ws=1600x1200&v=7.49.02&t=1000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: lYOgi3iuLtsdanXVG2khdewgT7BE48BIKtdACBYOE74jXv1mjqBC6Q==

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0EC1 0
0 122ms
14ms Image
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzfSQUMq4PdDwdmWTN0qP1h3D5oVQzSU8qRbssUwiGxGkbJMc5RAY3A2GTYOGnaVFf5eEy1XaNVoSgLriUey_LNtWQAQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0EC1 0
0 197ms
89ms Image
text/html 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiTrNUo6pXsLCA8Lj7gPT5rOABL6rh-1cqs6l0cEL6Kq2lYsDEAEg2tfFOWCRhICAjBigAZKZq_wCyAEC4AIAqAMByAMIqgTKAk_QBF_8ATJ9BAQI0-3DM80Oo1fl1HmvGU73upCT4jvwWqEEfFC8OMz_G3u-7HS1NsTP92HZC9hdd436nJ5xS7D2ce9itp7YxlB3OQJfZtMezKAyqAWEXM3dTwUUWskmzjigOvu-E2dYemDpt_yCV4jArqoZi9pxC0X4vklV5--E6CYCRw6sD-APa_FtNkwxUfrTfE62du7lHgSC3WyddiyUD0fcNleRtSoO2Ao64msFyL2Un6BAdSFQWY35tvyTBHyv--j2nlnLOYFGeHl27yRTYLxh9s2gUFTklzQiUlld-7mdEnchNtiDyi_r79yEtHBN-ySIPaPlHVs1GGRSR4diHrr9GxesX_tXzxxraDvHXruCj10_SdztAjJ0_q7cHpJ0AAw-cXKR97uQFkAiDe5TXNSNc15guIkkD7YjmeciTs7fOD5xH8ddV8AExurvhv0C4AQBkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMieAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTCg&sigh=YDLUpR_RmxU&tpd=AGWhJmvFUAaF1a04EEtEvpUN22m1LPWbCHQHhudgaTwgoqADKQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7288279155406672163/ Frame 0E46 16 KB
16 KB 115ms
8ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7288279155406672163/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkv5Qw0-x04j9dJJ5mKHnXrwpfkWA

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30298486f3d8240f74f86f655398eb300a6074232f01cee83a8e5309d7cf8db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 08:09:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 20:10:46 GMT
server: sffe
age: 2182545
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 16299
x-xss-protection: 0
expires: Sun, 04 Apr 2021 08:09:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13831666527492377566/ Frame 0E46 19 KB
19 KB 94ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13831666527492377566/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4ql5b1eXL8wW5Wazm2qB-DWB-QWsVQ

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807f4b1d0cdcef9efbc803a7ace004a355fa402cf85f24619427e402ad16c982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 22:45:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Nov 2019 21:17:48 GMT
server: sffe
age: 1093183
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 19361
x-xss-protection: 0
expires: Fri, 16 Apr 2021 22:45:40 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0E46 0
0 176ms
88ms Image
text/html 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfq_oUo6pXsPCA8Lj7gPT5rOABLyxyOJc5N-RoosLtvHOpZsYEAEg2tfFOWCRhICAjBigAf_bisgDyAEG4AIAqAMByAMKqgTLAk_Qfg8OW2H1sPc3RzsMH3n7jRYqdCjKMYumYNT3XRauUHmSnBsTFxA9EjQx4hrMFhn2Fx0u82e8ap_QEjkGXfTWPDArmqFn1XRnMU55JPKklaZl_4iB9WAzA--44KA9QMCJwKGJf5vvEA5Fqk5L2mLTuB1_sh_sGtBlpD9sX0UI6S1UZopLRWTY0qTMb8Yfuq-8EVWM6t1WrzA9Ve_0XDoejghuK2UWV5TTPZYGAMiLvYR7XBN9Xvbrv3bEj3OK7yUVkGmL0K2TppmSKTSu1q8ZlH7sOieyUZLEfpyJ_hOqrnRH8rRi0thVnVrNrrKam1uhPCYdg3m9vy2SNBYFofsIw6yoPKmDshpiMCOiX9RxaVun445jdaj1JUsvy1zhtMHJEXMxM4qKevJMCnV41uWo_QJwsDLmu6i38lD2VDY-uZx64y6WjSEuPIPABJK6_dbnAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAeG85wJqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJ_eAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDJgWAQ&sigh=4EseYZqEv1E&template_id=492&tpd=AGWhJmubt8a5ANwIYOVYY6-4zf6rbkPkbeoeL30_RaFWylC_-A
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 83ms
83ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

18fb50797f7d2108ac50357c46bffbbed42e651710b3d668a941c10d0dbe3309

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: 039e1a85-6249-4d71-9518-9c86e589c503
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 114ms
113ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2142ebde30909e7e0d116fbc90f350d388e0a89cc785c4bfcb9a410cfd64adc1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 29a814a0-5b16-4748-bccd-03e3082ea51c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
62 B 78ms
77ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 58b9b1288c5ad925-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0267ed0d500000d925c182d200000001

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 191 B
378 B 180ms
179ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=07c063af-6344-4f0e-9c23-e041c9bfcfd9&nocache=1588170323272&us_privacy=1---&pubcid=71176762-bd0a-414b-a96a-8f832da10b04&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=300x250%2C300x600&divIds=bleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: c351bdd8618e7fadb9398b77049d7b676cfa0d6b12188fc72c2555f0aa21bf4c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 176
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 79ms
78ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=17942c687b055f56&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 79ms
79ms XHR
text/plain 52.59.41.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=180fd57539f459b7&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.41.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-41-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 112ms
112ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=07c063af-6344-4f0e-9c23-e041c9bfcfd9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.732995404027978
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9ce3eb044ddae52a23a6be77a9806bcfc26a6c4122dc8f5d9a0e25318d9b7802

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=207
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 489ms
489ms XHR
application/json 35.157.31.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.31.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-31-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:23 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 95ms
94ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
876 B 173ms
173ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2219149aa2a3811182%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221923110cc89af5d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22193968099dc74867%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 71b8e707dce01c867b057625d854dc613364777822d6626c5309bb0b6d5dcb58

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 29 Apr 2020 14:25:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0E46 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1263504
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0E46 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 28 Mar 2020 09:35:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2782183
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:40 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
472 B 132ms
129ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 95c5fbe1b28dbd131e5b9261db983f584d975fe3b215df3cf48f6da775747f82

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:23 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6BA4 29 KB
8 KB 81ms
40ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60514
status: 200
vary: Accept-Encoding
x-amz-request-id: 353C71F4947574BC
x-amz-id-2: MA9iD59JI7udB3VVxs8p6ADl9aAAw09h6Rx5HWWo3ZdOcAlgZTgDIo6UpnbpJTsP7VoD2geXdxE=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
content-length: 7868
content-type: application/javascript

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
244 B 544ms
498ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1716003269940156&correlator=4442492709386288&output=ldjh&impl=fifs&adsid=NT&eid=21064501&vrg=2020042302&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=15184186%2Cbleepingcomputer_300x250_300x600_160x600_Right_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26fsbid%3D0%26freestar_path%3D%252Fnews%252Fsecurity%252Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D10984b65f9f969d8%26hb_bidder%3Drubicon&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D0450edc90e987cf7%3AT%3D1588170321%3AS%3DALNI_MYTJbUVawvtEyAMCZPy7N5f5_JM6Q&cookie_enabled=1&bc=31&abxe=1&lmt=1588026539&dt=1588170323402&dlt=1588170318764&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=1082&adys=1296&adks=2389526111&ucis=8&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&dssz=58&icsg=140738193031168&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=306x250&msz=306x250&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKb6wBH1krBZrotUPYKOyle3fNvucOYRpdfy_FQLL19zWTyNaZcgEgD-QBm36u7t-b2MJGaGGzRt4SF%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

19b20d5fe4f6f2ca2f96070b0f47bd1278c15dfd1f7ab9ed42338a7156a61a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 154
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 et_v1.0.1624-0-gff057b5.js Show response
video.unrulymedia.com/native/ Frame C221 3 KB
2 KB 101ms
28ms Script
application/javascript 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1624-0-gff057b5.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03e3ec6cd6650e2ca9de22009a345cd139d1db0bbfc900aaaf2225c3596e7942

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Origin: https://www.bleepingcomputer.com

Response headers

date: Sun, 26 Apr 2020 17:19:20 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 248764
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
x-amz-expiration: expiry-date="Fri, 23 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 23 Apr 2020 17:13:57 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qC-C6CMOOCZAjZNiqzXWe_hdKAoBsw833qcpstQZiwcyCgJalHwofQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame C221 85 KB
30 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 04 Apr 2020 05:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2193696
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:03:47 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 5D94 43 B
346 B 140ms
35ms Image
image/gif 34.243.121.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1101818&id=431559959&d=1588170323474&in_iframe=true&h=v1.0.1624-0-gff057b5&compat=CSS1Compat&pageLoadId=595357877&supplyMode=direct&unr.site.env=html&ts=2020-04-29T14%253A25%253A23.474-%252B02%253A00
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:23 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-074.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
DATA 200
OK truncated
/ Frame 5D94 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89cb41499c6c688dd580e3c846463849e8ae6ff85ef2cb27e509e1e01677c48f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
235 B 592ms
592ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1716003269940156&correlator=4442492709386288&output=ldjh&impl=fifs&adsid=NT&eid=21064501&vrg=2020042302&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=15184186%2Cbleepingcomputer_728x90_320x50_InContent_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D0450edc90e987cf7%3AT%3D1588170321%3AS%3DALNI_MYTJbUVawvtEyAMCZPy7N5f5_JM6Q&cookie_enabled=1&bc=31&abxe=1&lmt=1588026539&dt=1588170323604&dlt=1588170318764&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=268&adys=5674&adks=4047242158&ucis=9&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&dssz=58&icsg=140738193031168&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=834x90&msz=834x90&psts=AKB7eCKb6wBH1krBZrotUPYKOyle3fNvucOYRpdfy_FQLL19zWTyNaZcgEgD-QBm36u7t-b2MJGaGGzRt4SF%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

6d04bbd61f5107f4226e0a208772cd70e6f94c31da3d4e1c64c7c7c6d55058a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 157
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6BA4 160 B
1018 B 26ms
26ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

65902ea002e12561d31f5d5d60196ec91d14a83337f2932ae537614118cf22ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid: 6f745b8f-e298-4159-9f89-4fc0067d5066
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6BA4 0
66 B 77ms
68ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6BA4 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6BA4 160 B
1018 B 71ms
67ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

678dd7cda68669c2a7b73b451445e10ab7d3c701f10a576efcec5e658efdb501

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:25 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid: 4f7357ed-7766-4b9f-80ad-461ab2720615
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 6BA4 0
316 B 154ms
39ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1588170323672&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:23 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 448B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
40ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Wed, 29 Apr 2020 14:25:23 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0EC1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
41ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Wed, 29 Apr 2020 14:25:23 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 440ms
439ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1716003269940156&correlator=4442492709386288&output=ldjh&impl=fifs&adsid=NT&eid=21064501&vrg=2020042302&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=15184186%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D0450edc90e987cf7%3AT%3D1588170321%3AS%3DALNI_MYTJbUVawvtEyAMCZPy7N5f5_JM6Q&cookie_enabled=1&bc=31&abxe=1&lmt=1588026539&dt=1588170323960&dlt=1588170318764&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=1082&adys=1821&adks=523518761&ucis=a&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&dssz=58&icsg=140738193031168&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=306x250&msz=306x250&psts=AKB7eCKb6wBH1krBZrotUPYKOyle3fNvucOYRpdfy_FQLL19zWTyNaZcgEgD-QBm36u7t-b2MJGaGGzRt4SF&ga_vid=561706886.1588170320&ga_sid=1588170320&ga_hid=96519575&fws=516&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

f5dd2e8a0299db5af82928d2c212d6455c3092b481be1d44b13b092d0ec19421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10890
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0E46
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

48ms
42ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Wed, 29 Apr 2020 14:25:23 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6BA4 20 B
320 B 187ms
55ms XHR
application/json 34.251.232.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=05dcf658-c5bc-4fae-9fd8-a683fe84c965-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.232.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-232-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 10103533927608154387
tpc.googlesyndication.com/simgad/ Frame 448B 86 KB
86 KB 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10103533927608154387?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdVSPLg9RTljrNm7ZN_B6XYNyqUg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

879050e160fbacb2e07fa03c7cd2425c293362a0a47c961bb1d6721e7c1ac3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 21:38:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 21:46:23 GMT
server: sffe
age: 2393193
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87892
x-xss-protection: 0
expires: Thu, 01 Apr 2021 21:38:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 448B 2 KB
3 KB 13ms
13ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53491
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 448B 295 B
360 B 8ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59524
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
H2 200 10103533927608154387
tpc.googlesyndication.com/simgad/ Frame 0EC1 86 KB
86 KB 15ms
15ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10103533927608154387?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdVSPLg9RTljrNm7ZN_B6XYNyqUg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

879050e160fbacb2e07fa03c7cd2425c293362a0a47c961bb1d6721e7c1ac3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 21:38:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 21:46:23 GMT
server: sffe
age: 2393193
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87892
x-xss-protection: 0
expires: Thu, 01 Apr 2021 21:38:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EC1 2 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53491
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EC1 295 B
355 B 13ms
13ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59524
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7288279155406672163/ Frame 0E46 16 KB
16 KB 26ms
10ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30298486f3d8240f74f86f655398eb300a6074232f01cee83a8e5309d7cf8db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 08:09:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 20:10:46 GMT
server: sffe
age: 2182546
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 16299
x-xss-protection: 0
expires: Sun, 04 Apr 2021 08:09:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13831666527492377566/ Frame 0E46 19 KB
19 KB 25ms
9ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807f4b1d0cdcef9efbc803a7ace004a355fa402cf85f24619427e402ad16c982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 22:45:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Nov 2019 21:17:48 GMT
server: sffe
age: 1093184
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 19361
x-xss-protection: 0
expires: Fri, 16 Apr 2021 22:45:40 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E46 2 KB
3 KB 21ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53491
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E46 295 B
355 B 18ms
16ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59524
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
H2 200 native_v1.0.1624-0-gff057b5.js Show response
video.unrulymedia.com/native/ Frame C221 57 KB
57 KB 40ms
31ms Script
application/javascript 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native_v1.0.1624-0-gff057b5.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fb477ff5920d74e463f44978ed19395ae623226d0c9203687e9a8a4eda55567

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Origin: https://www.bleepingcomputer.com

Response headers

date: Sun, 26 Apr 2020 17:19:22 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 248763
x-cache: Hit from cloudfront
status: 200
content-length: 58003
x-amz-expiration: expiry-date="Fri, 23 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 23 Apr 2020 17:13:56 GMT
server: AmazonS3
etag: "6a7fc16b925e3e37cdbabb945b4fc55d"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 52j3hS-zucoWWwgEjooq2c-cm0hjZ2vhYijFF6gD2ReKUHz2Z_75pw==

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 136ms
131ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 95c5fbe1b28dbd131e5b9261db983f584d975fe3b215df3cf48f6da775747f82

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:24 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame 6BA4 0
217 B 145ms
34ms XHR
text/plain 52.17.64.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=05dcf658&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.64.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-64-209.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 skin-1101818.json Show response
video.unrulymedia.com/native/skins/ Frame C221 347 B
950 B 34ms
34ms XHR
application/json 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/skins/skin-1101818.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:07:58 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1047
x-cache: Hit from cloudfront
status: 200
content-length: 347
x-amz-expiration: expiry-date="Tue, 27 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Mon, 27 Apr 2020 21:01:27 GMT
server: AmazonS3
etag: "09362ea19ef8bf59029394bda9399b2f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: ApbaKp5o1mE9HUufowxfA0Nr7u8AA8jHhTSK_ZClgFBWojqhuO4SCQ==

GET
H2 200 third-party-iframes.html
video.unrulymedia.com/iframes/ Frame 76CE 0
0 32ms
32ms Document
text/html 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1624-0-gff057b5&siteId=1101818
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1624-0-gff057b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html?h=v1.0.1624-0-gff057b5&siteId=1101818
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
content-type: text/html
content-length: 466
date: Wed, 29 Apr 2020 14:23:47 GMT
last-modified: Wed, 29 Apr 2020 14:09:27 GMT
x-amz-expiration: expiry-date="Thu, 29 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
etag: "bc8a3be718d4ed184febaf79e7856e0c"
cache-control: max-age=600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Kx74ZpOe4goV6HREY1IE0R3yMQFU4ysO4JIRhlUufdwDM5-c-vZloQ==
age: 98

GET
H2 200 chunk-vendors~populatePlacement-2084315d3ad5dab2be56.js Show response
video.unrulymedia.com/native/chunks/ Frame C221 111 KB
30 KB 39ms
38ms Script
application/javascript 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-2084315d3ad5dab2be56.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1624-0-gff057b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7998903339f4a860d696c2be9494f9c14f2abcf35f8485b2a5c7b4381a0bd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 28 Apr 2020 20:32:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 64378
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
x-amz-expiration: expiry-date="Wed, 28 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Tue, 28 Apr 2020 16:45:00 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: OZ3bZ5J9yKGzeNU01wJX00XwAdjyYAZ5Hm3iYw9Ey8nfxxJkj7DLrQ==

GET
H2 200 chunk-populatePlacement-32c81eea619c9b9063e2.js Show response
video.unrulymedia.com/native/chunks/ Frame C221 80 KB
22 KB 34ms
34ms Script
application/javascript 143.204.212.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-32c81eea619c9b9063e2.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1624-0-gff057b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-212-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28ce7322dd335d527e11cb097f03052cd7f1599be3a696dde171721b2e69ca2e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 28 Apr 2020 20:32:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 64378
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
x-amz-expiration: expiry-date="Sat, 24 Apr 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Fri, 24 Apr 2020 14:28:34 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: IZpXIi9kAxRnPVttxLDEjmmtLdB3fYEF0M_XJdPOLBTsXr5Mplm_nQ==

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 0885 2 KB
1 KB 59ms
53ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: df8186e6600c5303b0935356187c84dc601a62dc332bb23f728771e9dc04c979

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 955

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032004071640410/ Frame 19B8 201 KB
55 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190097
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 56035
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e11d51f2d5d78cb7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:07 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032004071640410/ Frame 19B8 201 KB
55 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190097
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 56035
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e11d51f2d5d78cb7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:07 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032004071640410/v0/ Frame 19B8 16 KB
6 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a729df0f6435cd25e9ca002e7e4d7f6fd64193d07bd5b9798f13f57ee87b6f7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190096
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5891
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9842abddb9da2610"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:08 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032004071640410/v0/ Frame 19B8 93 KB
28 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f6d48af065ccaf916673bdf0810e78ed805f08e4c0e50c45d14a6cb5d0f6ea5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190093
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28521
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8819c4e7488d2a57"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:11 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032004071640410/v0/ Frame 19B8 4 KB
2 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09dbbbfe478c3209aa304df78e72f42265ce0d89c1ea016a6769202f5d810673

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190094
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1632
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fb57c3a7786d59d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:10 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032004071640410/v0/ Frame 19B8 47 KB
15 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032004071640410/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae29c160b1366a1875a245e7da998f7c8fd1660f1eaa3e93646518598842517

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190101
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14938
x-xss-protection: 0
server: sffe
date: Mon, 27 Apr 2020 09:37:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0f7f430dfda1a4b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Apr 2021 09:37:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 19B8 5 KB
718 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 14:25:24 GMT
server: ESF
date: Wed, 29 Apr 2020 14:25:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Apr 2020 14:25:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 19B8 5 KB
764 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 14:25:24 GMT
server: ESF
date: Wed, 29 Apr 2020 14:25:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Apr 2020 14:25:24 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 19B8 2 KB
3 KB 34ms
33ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53491
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 19B8 295 B
355 B 35ms
34ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59524
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 19B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7486874253005effe4bb853d1e5bf0590b9f39de777fae6e1544ec80101011

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16119323249321497912
tpc.googlesyndication.com/daca_images/simgad/ Frame 19B8 57 KB
57 KB 67ms
15ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16119323249321497912

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c80178f620df7acb7f0556ab056db5a05c44c37047fbcdcdd87976173f507c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 03:30:40 GMT
x-content-type-options: nosniff
age: 2804084
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 58500
x-xss-protection: 0
last-modified: Sat, 25 Jun 2016 00:40:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Mar 2021 03:30:40 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 19B8 1 KB
880 B 60ms
8ms Image
image/svg+xml 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773083
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 15:40:41 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 19B8 0
0 106ms
54ms Image
text/html 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfjkUVI6pXvvYDZP0gAf4iap47KPcrVzn_quk2Aa2uNfUiw4QASDa18U5YJGEgICMGKABvoCEnAPIAQHgAgCoAwHIAwqqBMwCT9C_ZRqqgAf_-fL0t0fByR42zJ4jKkWRzYVvEQykGP-qOtRxbxk1WkbidKRADKGBFgwHSEm9Mi5yfJKGjJNDjVu3to9Y-1d_lbKW0oXJLGSCFlMWuGWSnX1Pn--wH0ArL5-GLgicwxgf6FEo_SJQ48cPpdXW9ABYyGtYIjzpb90bIkM7TOJktRjI7coztiQz5pAwWtxD7T5YbuIbrBh3T1fZH-bgblOquYXEEMG00rduye3g6lT2AHyo9pQA2uJZ7pHPJ36f8zTMfDheoP70fG_WDcViaLdcQ6BAk6uuoFgV2q55ysQNkl8Cb_jNZm8AcMan-TeEE57aU_ZV_sFSxmnN5Pn7muBAU2G5406Wt69CRgg6wKxPq68W4zT2VumoUU6JP1Of2OVGidvHI1-LvnFTqFTNdrbE8nA5ySqETl_vV5cz5btinfleP7XABI3im9q5AeAEAZIFBAgEGAGSBQQIBRgEoAZRgAeq__tjqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKbZAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDQ&sigh=tIxu54AaD5c&tpd=AGWhJmvI0X7RHeXasdSX46QV7GhP9yV96CZBdf_sDsv2h-53rg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame C221 43 B
346 B 64ms
50ms Image
image/gif 34.243.121.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&site.domain=www.bleepingcomputer.com&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1101818&isMobile=false&pageLoadId=595357877&unr.site.env=html&ts=2020-04-29T14%253A25%253A24.492-%252B02%253A00&perf_consent_start=1588170324267&perf_corejs_start=1588170323473&perf_corejs_end=1588170324268&perf_skin_start=1588170324269&perf_skin_end=1588170324313&perf_adAge_start=1588170324489&id=431559959&d=1588170324492&h=v1.0.1624-0-gff057b5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-074.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 204 2.2
targeting.unrulymedia.com/openrtb/ Frame C221 0
0 148ms
68ms Fetch 99.80.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/openrtb/2.2?uuid=2e4df11b-0c63-4b2b-88bf-2b5b7002021d&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing%2F&site.domain=www.bleepingcomputer.com&video_width=640&video_height=360&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1624-0-gff057b5
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-32c81eea619c9b9063e2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.176.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-176-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:24 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
x-unruly-server: c7-unrulyx-eu-1a034b.unrulymedia.com
p3p: CP="CUR IVDo OUR IND"

GET
H2 200 vpaid_d96b83eb.js Show response
vpaid.springserve.com/production/ Frame 0E53 459 KB
101 KB 21ms
20ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9d864244e6595f136525dc301a9c77ad013081464dc19620cd9689e9368af400

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 13:14:26 GMT
server: AmazonS3
x-amz-request-id: 8DD217480A77F694
etag: "fe36ff83044b1fa8ebda59f1f26d2cb0"
x-hw: 1588170324.dop146.am5.t,1588170324.cds220.am5.hn,1588170324.cds150.am5.c
content-type: application/javascript
status: 200
cache-control: max-age=2193608
accept-ranges: bytes
access-control-allow-origin: *
content-length: 103484
x-amz-id-2: toHjG5tybvGNpZ4K24eG2J3AfY0/7Z9RH0GiX97kgPnlBMi2k6RLEigXNbgNheR+Df9BZhgAfbk=

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 127ms
126ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 95c5fbe1b28dbd131e5b9261db983f584d975fe3b215df3cf48f6da775747f82

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:24 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 19B8 11 KB
11 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1263505
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 19B8 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 28 Mar 2020 09:35:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2782184
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:40 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame C221 43 B
346 B 48ms
47ms Image
image/gif 34.243.121.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=no_ads&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Empty%20VAST%20Response&app=native&pid=1101818&isMobile=false&pageLoadId=595357877&unr.site.env=html&ts=2020-04-29T14%253A25%253A24.702-%252B02%253A00&perf_consent_start=1588170324267&perf_corejs_start=1588170323473&perf_corejs_end=1588170324268&perf_skin_start=1588170324269&perf_skin_end=1588170324313&perf_adAge_start=1588170324489&perf_vast_0_start=1588170324496&id=431559959&d=1588170324702&h=v1.0.1624-0-gff057b5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-074.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0E53 29 KB
8 KB 42ms
41ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60515
status: 200
vary: Accept-Encoding
x-amz-request-id: 353C71F4947574BC
x-amz-id-2: MA9iD59JI7udB3VVxs8p6ADl9aAAw09h6Rx5HWWo3ZdOcAlgZTgDIo6UpnbpJTsP7VoD2geXdxE=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
content-length: 7868
content-type: application/javascript

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 19B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Wed, 29 Apr 2020 14:25:24 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E53 160 B
1019 B 25ms
24ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

81181a7353c55a00a6c9d91b38dcc1a7d13c2e3ee1f7f46927adc312a4ddfe9f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:26 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid: fecfd036-9599-473f-8ba6-73aacb319817
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0E53 0
66 B 54ms
50ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0E53 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E53 160 B
1018 B 50ms
49ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

18c790de36642529c36bac57e46862c5e6f6139a4670c3aebf6c1eeaeef60e00

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:26 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid: 5a62dcd3-3bfd-4c13-88f5-bb82d1857188
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 0E53 0
316 B 31ms
30ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1588170324761&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H2 200 16119323249321497912
tpc.googlesyndication.com/daca_images/simgad/ Frame 19B8 57 KB
57 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16119323249321497912

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c80178f620df7acb7f0556ab056db5a05c44c37047fbcdcdd87976173f507c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 03:30:40 GMT
x-content-type-options: nosniff
age: 2804084
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 58500
x-xss-protection: 0
last-modified: Sat, 25 Jun 2016 00:40:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Mar 2021 03:30:40 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 19B8 1 KB
794 B 23ms
15ms Image
image/svg+xml 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 15:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773083
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 15:40:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 19B8 2 KB
3 KB 22ms
14ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 53491
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 19B8 295 B
356 B 23ms
15ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 59524
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Apr 2020 21:53:20 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 0E53 20 B
320 B 54ms
54ms XHR
application/json 34.251.232.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=54ae7c2f-d826-4798-84fe-6d86f6400d46-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.232.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-232-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame 0E53 0
217 B 35ms
35ms XHR
text/plain 52.17.64.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=54ae7c2f&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.64.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-64-209.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 0885 2 KB
1 KB 34ms
34ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1263ee6e7bf81591d8d47c530ddb72e5fae762ae7c5ddd3e913665b9d6fd461b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 949

GET
H2 200 vpaid_d96b83eb.js Show response
vpaid.springserve.com/production/ Frame 6D6A 459 KB
101 KB 17ms
16ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9d864244e6595f136525dc301a9c77ad013081464dc19620cd9689e9368af400

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 13:14:26 GMT
server: AmazonS3
x-amz-request-id: 8DD217480A77F694
etag: "fe36ff83044b1fa8ebda59f1f26d2cb0"
x-hw: 1588170324.dop146.am5.t,1588170324.cds220.am5.hn,1588170324.cds150.am5.c
content-type: application/javascript
status: 200
cache-control: max-age=2193608
accept-ranges: bytes
access-control-allow-origin: *
content-length: 103484
x-amz-id-2: toHjG5tybvGNpZ4K24eG2J3AfY0/7Z9RH0GiX97kgPnlBMi2k6RLEigXNbgNheR+Df9BZhgAfbk=

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 116ms
116ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 95c5fbe1b28dbd131e5b9261db983f584d975fe3b215df3cf48f6da775747f82

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:25 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0E46 42 B
115 B 43ms
42ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU3_IdXgwlW4PFLVzllgrx5VJvnyjJn5HJ-acejumdA1HNjJjWtobKSF6GyQHvIrXNVMW5WAZHyqSp77F-EvCvCssb6u2L17la1oIOGKC0wwA9_iCcUBHOY6GyNQ&sai=AMfl-YRu8TTWY5d4OCAEwK9zImbFRXCxXpNfNWf2MRC3ulUZIpGD1J2gvzhSX0E81WHkjcxZYBpKJhVZp3DU4tbx7I5PDAN4XsokyxuVxkN-wca7plDXHU5K3rgJbYw&sig=Cg0ArKJSzMZH_tJogEzUEAE&cid=CAASF-RoywGV_JQjW2GhYTH0OJ1-5xe_4vPC&id=ampim&o=1082,487&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=444&tls=1444&g=100&h=100&tt=1444&r=v&avms=ampa&adk=771041174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 448B 42 B
110 B 45ms
44ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupkl6dHb9d1e5xzggr8N6t0Uf7GgOfDFkWk-3mDhjs0eFtxgwfeqWTEIrvKFncfWB1J0jBmWxAQhtS5tUIbp0-klK3tbxduWdjXp2ISopzr6eu-cXpT8dMQSEvNg&sai=AMfl-YR5zd19xZveo9BquOMmyFvVG6rLczs9kUE-KrJERBCz2Jcvk5iX9P6X9fqHoZyjZXC7CGydS-D9vqgQnTQwmQxpbgTC1sud0upmEwh1K_8UpxyaYb9ZwvgAv-k&sig=Cg0ArKJSzCx7BYZzIKKjEAE&cid=CAASF-Ror7lxVhaF-AuW4F_O8ZFHdPgytMfU&id=ampim&o=315,146&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1028&mtos=0,0,0,1028,1028&tos=0,0,0,1028,0&tfs=668&tls=1696&g=100&h=100&tt=1696&r=v&avms=ampa&adk=960084856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6D6A 29 KB
8 KB 19ms
19ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60516
status: 200
vary: Accept-Encoding
x-amz-request-id: 353C71F4947574BC
x-amz-id-2: MA9iD59JI7udB3VVxs8p6ADl9aAAw09h6Rx5HWWo3ZdOcAlgZTgDIo6UpnbpJTsP7VoD2geXdxE=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
content-length: 7868
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6D6A 159 B
1017 B 36ms
35ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1ab38d897fcfc2ea737505b0a53d3e1e061605a24204e87e4fac0b91067dd478

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:27 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: d3523602-fba7-4676-aa50-d77a7daf313c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6D6A 0
66 B 56ms
54ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST 24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6D6A 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6D6A 160 B
1018 B 26ms
25ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

558ff22f76012c6572aa5c8c3eff709f9514628c422f3beddd46e0b45984befb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:25:27 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid: b0b362a8-9358-4441-9671-50fc45890d6f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 6D6A 0
316 B 35ms
35ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1588170325511&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:24 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6D6A 20 B
320 B 52ms
52ms XHR
application/json 34.251.232.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=65a00dff-d57f-4c56-bfdb-7872c633db0a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.232.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-232-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame 6D6A 0
217 B 37ms
37ms XHR
text/plain 52.17.64.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=65a00dff&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d96b83eb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.64.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-64-209.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 29 Apr 2020 14:25:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 126ms
125ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:26 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 0153763f-6d7c-46e0-a22f-8f136b58ad91.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 41 KB
41 KB 34ms
31ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/0153763f-6d7c-46e0-a22f-8f136b58ad91.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7eb262bf675543a120221bbdd8dd8135c414214db1c48b8cead8014947e9000b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 16915
x-cache: HIT, HIT
fastly-io-info: ifsz=88449 idim=1280x427 ifmt=jpeg ofsz=42012 odim=759x427 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 42012
x-served-by: cache-dca17780-DCA, cache-fra19155-FRA
x-timer: S1588170328.506873,VS0,VE1
etag: "dB+ku8OoHEgOOcA/E4odSSsne4JmPL5pqLIzGvgAUuU"
vary: Accept
x-amz-request-id: C9C2E27E236BBEFB
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 0b9005f5-34e2-4a69-875a-04b4bb69123e.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 41 KB
41 KB 39ms
39ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/0b9005f5-34e2-4a69-875a-04b4bb69123e.jpg?crop=834:541,smart&width=834&height=541&fit=crop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af1d66f930ec3a48d53916d3b040ad09163783f5ddc3158e37804461ae10065f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 16915
x-cache: HIT, HIT
fastly-io-info: ifsz=126650 idim=1280x450 ifmt=jpeg ofsz=41478 odim=694x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 41478
x-served-by: cache-dca17752-DCA, cache-fra19155-FRA
x-timer: S1588170328.875439,VS0,VE2
etag: "wJcK6i2naMGJnraMw6RCTCXEBRDiSu7YU09v00/Kgps"
vary: Accept
x-amz-request-id: 98E46B4428712698
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 0885 0
250 B 124ms
124ms XHR
text/plain 3.132.109.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/8624/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.109.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-109-30.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:25:27 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 4239 0
0 38ms
36ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:28 GMT
set-cookie: __cfduid=d2969f4118eeb4359e8b9ac55852afed11588170328; expires=Fri, 29-May-20 14:25:28 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58b9b14a3f60d925-AMS
cf-request-id: 0267ed22670000d925c1a95200000001

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 7406
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---

0
0

61ms
55ms

Document
text/html

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; Version=1; Expires=Thu, 29-Apr-2021 14:25:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1588170328|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 14-May-2020 14:25:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.184.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 29 Apr 2020 14:25:28 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; Version=1; Expires=Thu, 29-Apr-2021 14:25:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.184.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
date: Wed, 29 Apr 2020 14:25:28 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 47FD 0
0 20ms
20ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:28 GMT
set-cookie: __cfduid=d2969f4118eeb4359e8b9ac55852afed11588170328; expires=Fri, 29-May-20 14:25:28 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58b9b14a7fecd925-AMS
cf-request-id: 0267ed22870000d925c1a9a200000001

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 1951 0
0 21ms
21ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:28 GMT
set-cookie: __cfduid=d2969f4118eeb4359e8b9ac55852afed11588170328; expires=Fri, 29-May-20 14:25:28 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58b9b14a8815d925-AMS
cf-request-id: 0267ed22910000d925c1a9c200000001

GET
H2

200

sync
eb2.3lift.com/ Frame 7538
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

0
0

181ms
70ms

Document
text/html

52.29.181.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoI5gEQyJbQspwuCgoI1gEQyJbQspwuCgkIOhDIltCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoJCF8QyJbQspwuCgkIHxDIltCynC4=; tluid=6496417337278114875
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
date: Wed, 29 Apr 2020 14:25:29 GMT
content-type: text/html; charset=utf-8
content-length: 600
set-cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoIggIQjJnQspwuCgoI4wEQjJnQspwuCgoI5gEQyJbQspwuCgoI5wEQjJnQspwuCgkICRCMmdCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoKCI4BEIyZ0LKcLgoJCHMQjJnQspwuCgoI1gEQyJbQspwuCgkIORCMmdCynC4KCQg6EMiW0LKcLgoJCBsQjJnQspwuCgoI3gEQjJnQspwuCgkIXxDIltCynC4KCQgfEMiW0LKcLgoJCD8QjJnQspwu; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6496417337278114875; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Wed, 29 Apr 2020 14:25:28 GMT
content-length: 0
set-cookie: tluid=8043613510466602235; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:28 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?us_privacy=1---&&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D036 0
0 141ms
28ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 29 Apr 2021 14:25:28 GMT
Date: Wed, 29 Apr 2020 14:25:28 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 6251 0
0 34ms
27ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; pd=v2|1588170328|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; Version=1; Expires=Thu, 29-Apr-2021 14:25:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1588170328|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi; Version=1; Expires=Thu, 14-May-2020 14:25:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.184.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 29 Apr 2020 14:25:28 GMT
content-type: text/html
content-length: 481
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 59E4 0
0 117ms
25ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 29 Apr 2021 14:25:28 GMT
Date: Wed, 29 Apr 2020 14:25:28 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 7B7C 0
0 26ms
24ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 204
date: Wed, 29 Apr 2020 14:25:28 GMT
set-cookie: __cfduid=d2969f4118eeb4359e8b9ac55852afed11588170328; expires=Fri, 29-May-20 14:25:28 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 58b9b14b4a52d925-AMS
cf-request-id: 0267ed23090000d925c1aa6200000001

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3321 0
0 129ms
26ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 29 Apr 2021 14:25:28 GMT
Date: Wed, 29 Apr 2020 14:25:28 GMT
Connection: keep-alive

GET
H2

200

sync
eb2.3lift.com/ Frame 7CAF
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

0
0

182ms
71ms

Document
text/html

52.29.181.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoI5gEQyJbQspwuCgoI1gEQyJbQspwuCgkIOhDIltCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoJCF8QyJbQspwuCgkIHxDIltCynC4=; tluid=6496417337278114875
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
date: Wed, 29 Apr 2020 14:25:29 GMT
content-type: text/html; charset=utf-8
content-length: 600
set-cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoIggIQkpnQspwuCgoI4wEQkpnQspwuCgoI5gEQyJbQspwuCgoI5wEQkpnQspwuCgkICRCSmdCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoKCI4BEJKZ0LKcLgoJCHMQkpnQspwuCgoI1gEQyJbQspwuCgkIORCSmdCynC4KCQg6EMiW0LKcLgoJCBsQkpnQspwuCgoI3gEQkpnQspwuCgkIXxDIltCynC4KCQgfEMiW0LKcLgoJCD8QkpnQspwu; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6496417337278114875; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Wed, 29 Apr 2020 14:25:28 GMT
content-length: 0
set-cookie: tluid=6496417337278114875; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:28 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?us_privacy=1---&&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame A68B 0
0 554ms
56ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 23 Apr 2020 20:31:59 GMT
Content-Encoding: gzip
Content-Length: 9124
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=58689
Expires: Thu, 30 Apr 2020 06:43:38 GMT
Date: Wed, 29 Apr 2020 14:25:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 07C0 0
0 413ms
71ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106465
Expires: Thu, 30 Apr 2020 19:59:54 GMT
Date: Wed, 29 Apr 2020 14:25:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 9EB6 0
0 34ms
30ms Document
text/html 52.29.181.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=6496417337278114875
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
date: Wed, 29 Apr 2020 14:25:28 GMT
content-type: text/html; charset=utf-8
content-length: 457
set-cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoI5gEQyJbQspwuCgoI1gEQyJbQspwuCgkIOhDIltCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoJCF8QyJbQspwuCgkIHxDIltCynC4=; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:28 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6496417337278114875; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:28 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A348 0
0 102ms
40ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 29 Apr 2021 14:25:28 GMT
Date: Wed, 29 Apr 2020 14:25:28 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 8C63 0
0 470ms
50ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106465
Expires: Thu, 30 Apr 2020 19:59:54 GMT
Date: Wed, 29 Apr 2020 14:25:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame C5D0 0
0 469ms
54ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106465
Expires: Thu, 30 Apr 2020 19:59:54 GMT
Date: Wed, 29 Apr 2020 14:25:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 77FB 0
0 36ms
35ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; pd=v2|1588170328|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; Version=1; Expires=Thu, 29-Apr-2021 14:25:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1588170328|forsj8gmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0gi; Version=1; Expires=Thu, 14-May-2020 14:25:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.184.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 29 Apr 2020 14:25:28 GMT
content-type: text/html
content-length: 547
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 3437 0
0 471ms
31ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106465
Expires: Thu, 30 Apr 2020 19:59:54 GMT
Date: Wed, 29 Apr 2020 14:25:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 07E5 0
0 45ms
45ms Document
text/html 52.29.181.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.181.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-181-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoI5gEQyJbQspwuCgoI1gEQyJbQspwuCgkIOhDIltCynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoJCF8QyJbQspwuCgkIHxDIltCynC4=; tluid=6496417337278114875
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
date: Wed, 29 Apr 2020 14:25:29 GMT
content-type: text/html; charset=utf-8
content-length: 600
set-cookie: sync=CgoIgQIQyJbQspwuCgoIoQEQyJbQspwuCgoI4gEQyJbQspwuCgoIggIQ95fQspwuCgoI4wEQ95fQspwuCgoI5gEQyJbQspwuCgoI5wEQ95fQspwuCgkICRD3l9CynC4KCQgLEMiW0LKcLgoKCM4BEMiW0LKcLgoKCI4BEPeX0LKcLgoJCHMQ95fQspwuCgoI1gEQyJbQspwuCgkIORD3l9CynC4KCQg6EMiW0LKcLgoJCBsQ95fQspwuCgoI3gEQ95fQspwuCgkIXxDIltCynC4KCQgfEMiW0LKcLgoJCD8Q95fQspwu; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6496417337278114875; Max-Age=7776000; Expires=Tue, 28 Jul 2020 14:25:29 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D191 0
0 92ms
78ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; pd=v2|1588170328|forsj8gmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=493aba1e-6ba2-071a-1b2d-65c9d6aa4636|1588170328; Version=1; Expires=Thu, 29-Apr-2021 14:25:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1588170328.1|forsj8gmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0gi.gStKrF; Version=1; Expires=Thu, 14-May-2020 14:25:29 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.184.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 29 Apr 2020 14:25:29 GMT
content-type: text/html
content-length: 322
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 a2ed2202-0579-4c3e-8975-2b3401261205.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 25 KB
25 KB 39ms
39ms Image
image/webp 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/a2ed2202-0579-4c3e-8975-2b3401261205.jpg?crop=834:541,smart&width=834&height=541&fit=crop
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e772f6a60f7744cc8b9cdb3e8fd162c964f457b1cc3393a1799b8e294c426a3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:25:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 16920
x-cache: HIT, HIT
fastly-io-info: ifsz=72118 idim=1280x450 ifmt=jpeg ofsz=25802 odim=694x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 25802
x-served-by: cache-dca17764-DCA, cache-fra19155-FRA
x-timer: S1588170334.418110,VS0,VE1
etag: "z5PRYAuEkGFNpSmi9rk/o6w15gDgBGiquQp4TLTokAI"
vary: Accept
x-amz-request-id: B2723111A23AB73C
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

POST st
capi.connatix.com/tr/ Frame 0885 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: web.hb.ad.cpe.dotomi.com
URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/st

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
console-api	info	URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js(Line 406) Message: Powered by AMP ⚡ HTML – Version 2004071640410 https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad.doubleclick.net
admiral.mgr.consensu.org
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.districtm.io
cds.connatix.com
ck.connatix.com
cse.google.com
d.pub.network
dapperdiscussion.com
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
img.connatix.com
mrb.upapi.net
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
s7.addthis.com
s9.addthis.com
securepubads.g.doubleclick.net
static.quantcast.mgr.consensu.org
stats3.unrulymedia.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
v1.addthisedge.com
vendorlist.consensu.org
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
video.unrulymedia.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
capi.connatix.com
web.hb.ad.cpe.dotomi.com
104.111.230.142
104.16.190.66
104.20.60.209
104.26.13.6
13.35.253.52
143.204.202.95
143.204.212.226
151.101.114.217
151.101.14.217
172.217.22.6
172.217.22.66
18.196.104.43
185.64.189.112
199.232.53.140
212.71.236.117
23.210.248.44
2600:9000:2057:fe00:1:af78:4c0:93a1
2600:9000:214f:9800:9:46dc:4700:93a1
2600:9000:214f:d000:9:46dc:4700:93a1
2606:4700:20::681a:81b
2606:4700:20::681a:8b
2606:4700:20::681a:932
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:815::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2001
2a03:2880:f02d:e:face:b00c:0:2
3.132.109.30
34.243.121.135
34.251.232.240
34.95.120.147
35.157.31.10
35.188.71.214
35.190.64.11
35.190.76.239
35.226.36.58
37.252.172.36
52.17.64.209
52.29.181.218
52.50.72.216
52.59.41.102
69.16.175.10
69.173.144.143
72.247.225.17
72.247.225.32
72.247.225.98
72.247.226.64
99.80.176.210
99.86.0.120
035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013
03e3ec6cd6650e2ca9de22009a345cd139d1db0bbfc900aaaf2225c3596e7942
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c80178f620df7acb7f0556ab056db5a05c44c37047fbcdcdd87976173f507c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09dbbbfe478c3209aa304df78e72f42265ce0d89c1ea016a6769202f5d810673
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0d1ec490e2c13032e3e7db7bd1e1d5ba7f31854108540efcb527410a80d55438
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
100f9100601452507a82fd7a081329e8617b16a03f42f279b1833cb6909f2c11
10e73f57ed1405cdfe501a57b808fe434d5c073966be89bd7cc917e485c8bda6
112993c13c6a594a490f990e71cd4b51a70b70cd17e21374f85dd11ed0ffd51e
11c155ff580a0d5240e2650ea4e6fafb6b5912f90f273ccbf0219a68164d992e
1263ee6e7bf81591d8d47c530ddb72e5fae762ae7c5ddd3e913665b9d6fd461b
15a58c5c91d080e1a1ba709a8357bbd3225e6fd17a6a792f13de7b041966eda3
1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c
17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3
18c790de36642529c36bac57e46862c5e6f6139a4670c3aebf6c1eeaeef60e00
18fb50797f7d2108ac50357c46bffbbed42e651710b3d668a941c10d0dbe3309
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19b20d5fe4f6f2ca2f96070b0f47bd1278c15dfd1f7ab9ed42338a7156a61a61
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1ab38d897fcfc2ea737505b0a53d3e1e061605a24204e87e4fac0b91067dd478
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cf3eea135c84fa61fc50844f9ffc52b5164216661fb8baa72193b4ae2e979bd
1d28ba92a80af043bec316138bc89bbba15e09301ec6901a665cb9d2ba29e2ac
1ee966e382024032b7ad03df63123377ce1b0b271525b588839adc7e2601ad9c
1f75ab98f22e9dd3968d6a6edc2d43f31857108c5e4c2cfa78f57f0b5ce131fc
2142ebde30909e7e0d116fbc90f350d388e0a89cc785c4bfcb9a410cfd64adc1
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
23aca4890fe8b2728dcab78ee9f3b9614cd6cdb0dab2b785d2f8d2d666247cac
27624d4f44365d9ee8d2c970e9465b1f0950ffda46ca93e6b4536f6754ed5169
28ce7322dd335d527e11cb097f03052cd7f1599be3a696dde171721b2e69ca2e
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d8c671d4de954e4f58c46514f884d501b9c642c0df85e480c8a206a99ca60d1
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
2effc137b6f5da1ca48665a912804f2eb23855e069e1ad36c52000ce85bae0a8
30298486f3d8240f74f86f655398eb300a6074232f01cee83a8e5309d7cf8db4
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3658a66625c19fec3cbd0f2b3399ebdd21b600d7a353b470be9a955e5f84409a
36df5d608f84bc0aea1fd83e0fdb9da5c7b128c2db7fc540451cdf414fdd81d2
36f5968713e593de0803545a576c29eeeb58a9ac25f83ce887f0a67ea6c19d7d
39109e4fc4d2c3521a712f08c7a5e8f23c64492adbe1e7c1505f154c60ec5b9d
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3c2d219320caf0bd31bde137353675e882aef62a2fa606c7e0b2291ee0760ea0
3dc2e5dcd675070a4cfe5124471e7201dd686d019143ff4e4c2feaf4e3f46ab5
417e64f682e69e94e72c2738fcad74bbc5cf7cea1e234c901c8858577f2b4d77
4379f9608e7849871f53c92fd6c157a52c1d5122c3622bf9eb182849d426441c
43fbafd9f9ecb62e74f7bec9f1fa005c5fabd2efe8511d16c254e57697b96c08
441648cd30b738cafe7fc759b65110693960f7e427a14814fffce12f768b9808
443581d8f12cd9617c7749f95ba778b89d361cf57287edf0d4fe459ee4e10041
471cc41da4d88922e1fe2d90e72a26d99cb30d9ca1ef178341b55018b6435265
489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87
49538b060389964ffdecbb874c315d308294862bb0ecfc1468ec14b513f9e821
4ae54bf5af9ae99bbb75a1145fdf994222580ffab2899759bcea09a449868266
4cef923dd4bb7203ccd56b6f1e394fd309f46228771fe4ce07e0b8e5788652b0
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4e61073dd59a17ef60e8f3661104772d10b69d1ce7267562f6d865d015139f73
4ed2c6ce1d2a33048fa3d26a3bddbfd4f68b99e1e3d58a2fe16f636281981b88
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
4f6d48af065ccaf916673bdf0810e78ed805f08e4c0e50c45d14a6cb5d0f6ea5
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
52008fa6b53dc0fb50d80c588c6ee9720d36c30e79d07e6eb7baacfed08f59cb
53fff7cdf2a34d38bb6f8dae4a137fbac9ccc5a691bfb3dc69d681260365f386
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
558ff22f76012c6572aa5c8c3eff709f9514628c422f3beddd46e0b45984befb
57194dc30acd0fdee283528bffce5287d662eb8de66ae12573456344dbe4f17d
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e772f6a60f7744cc8b9cdb3e8fd162c964f457b1cc3393a1799b8e294c426a3
5fb477ff5920d74e463f44978ed19395ae623226d0c9203687e9a8a4eda55567
65105598e3320d806e2c957ff970beb036b363753b21c837dec2c70462699199
65902ea002e12561d31f5d5d60196ec91d14a83337f2932ae537614118cf22ae
678dd7cda68669c2a7b73b451445e10ab7d3c701f10a576efcec5e658efdb501
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6d04bbd61f5107f4226e0a208772cd70e6f94c31da3d4e1c64c7c7c6d55058a1
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ffe8c38f0ecf63bc22acf29e733065746956b810a0dd10f5f8a8fcb76cb6e17
71b708302d49504e2c6b65803c87a1cbf033f1b1e6319fa8ceb13be1a2868c2d
71b8e707dce01c867b057625d854dc613364777822d6626c5309bb0b6d5dcb58
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74fd8d03f63d99ec2b0425d939945ace5e3645a61b187cbbb5ddc2d31571a812
757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e
7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875
79b713d858bbeee3a5bb7617c582aff43a1f8e40710254a572b72afd3b846ce8
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7eb262bf675543a120221bbdd8dd8135c414214db1c48b8cead8014947e9000b
7f64b4cab88250c726f0baec6657db4c11047fc785b509de52b19e8fd9f0cddc
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
807f4b1d0cdcef9efbc803a7ace004a355fa402cf85f24619427e402ad16c982
81181a7353c55a00a6c9d91b38dcc1a7d13c2e3ee1f7f46927adc312a4ddfe9f
815b95fe5ef251b383ff3051085d45a3c9a26720aa3d19cab9d85c279919be44
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
864d16904328f4218d049ea3fb07e13a5bc48f1ed1701872626b8461d27ef932
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
879050e160fbacb2e07fa03c7cd2425c293362a0a47c961bb1d6721e7c1ac3c4
894cc1c8de94f90662cb6d4408651b69d6190e13ce107069d28e643045464e1b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89cb41499c6c688dd580e3c846463849e8ae6ff85ef2cb27e509e1e01677c48f
8a729df0f6435cd25e9ca002e7e4d7f6fd64193d07bd5b9798f13f57ee87b6f7
8ae29c160b1366a1875a245e7da998f7c8fd1660f1eaa3e93646518598842517
8b8e3eecb1d40364b281207debf28220e0d042b8ad9e78e679ab828f419ae18f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
95c5fbe1b28dbd131e5b9261db983f584d975fe3b215df3cf48f6da775747f82
9ce3eb044ddae52a23a6be77a9806bcfc26a6c4122dc8f5d9a0e25318d9b7802
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d864244e6595f136525dc301a9c77ad013081464dc19620cd9689e9368af400
a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41
a452b4cf42ce31d965cec634cb1708120726889e73dd5962583a9b5a75a76d43
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
acef9b7770ef40c81a02927552ab39038a09ed2f123fbdb79fbe7e591e056e2d
aef0bedc993fedc80b4c70c6d7f4c3476c0e088cae9980f2a7ad7a2a5a625d7c
af1d66f930ec3a48d53916d3b040ad09163783f5ddc3158e37804461ae10065f
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb49ffd89147180ae5a79edba8315ef8660d11cb33adad155de87a9dee327d1e
bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df
bd6b502c34919683743558fe50029dbfbedda461affb44585801c659a2a150d4
be3cd6b77119c87a7314668530726c55dfba8183082e1946d7a015712eea6643
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c203d80677729ad9632bda472ec855e65d35b25ac0a1ec5ec6cd5a48ebe3708e
c2dd3a53be6b47cd71caf097061ef67b5a57ed9cba7a455dfde9ca4480a82380
c351bdd8618e7fadb9398b77049d7b676cfa0d6b12188fc72c2555f0aa21bf4c
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacf1a4af372d2f3cb8e778f38e0f223cbd91dbca4af50ba4e1798f06e73b00f
cc99761dd1551803ae2d653f9f0b19e9fc06802c1eb6c27453151ca59a649b1f
ccd40ac227234cf6e9f7724dad96ce563f27f74c99d54e764af1451c424cdf0b
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb7a82fce6138ecaddbb87f4595f3eabe282af245852d99faa8ab01c7574fb1
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d6891e4bc41124ac51b29a2baba757f7186d0ecdc523e2b9511673738edd697f
d8ef1dca732171b51043f38952a88febf00422bbbc60a0a84cf33eddb9dacf0a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
db9503febe37403ac701d3482cc35bbb66a23dd6ebaed5d15cb69254f8a81817
df1cc069e5f49aae4ea8c39dc3de3d44e35de53420fd279d038a8f936678ba49
df8186e6600c5303b0935356187c84dc601a62dc332bb23f728771e9dc04c979
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee7486874253005effe4bb853d1e5bf0590b9f39de777fae6e1544ec80101011
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1be475b28feb52ab0df005d33076800c610c5231f0dfc490a495bc51f88c101
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f4835739ea23c396092a1b4f13457c91c0dd309754000daa0fa1a3ed3d226c7b
f5dd2e8a0299db5af82928d2c212d6455c3092b481be1d44b13b092d0ec19421
f87c026e7d30f938d36f30278fb1976b871a70f92ef16fc423e63bf5c1f0e209
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
f8b35a82a6a7c1365feb8f130f7a875265bb3fc4961f00b2c147a85cc3976ee5
fa7998903339f4a860d696c2be9494f9c14f2abcf35f8485b2a5c7b4381a0bd6
fef5e989f03de7413353bbfa2320235ce9d04b923b8c593001d1e8093cadb2ef
ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

www.bleepingcomputer.com Open in urlscan Pro 104.20.60.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

323 Requests

98 %HTTPS

32 %IPv6

38 Domains

68 Subdomains

57 IPs

6 Countries

4314 kBTransfer

11632 kBSize

0 Cookies

10 Outgoing links

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

98 %
HTTPS

32 %
IPv6

38
Domains

68
Subdomains

57
IPs

6
Countries

4314 kB
Transfer

11632 kB
Size

0
Cookies

323 HTTP transactions
9 data transactions