urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Submission: On January 15 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 7 countries across 47 domains to perform 279 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.60.209 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
32 104.26.13.6 13335 (CLOUDFLAR...)
2 151.101.14.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 23.210.248.44 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.175.86 63949 (LINODE-AP...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
2 216.58.205.230 15169 (GOOGLE)
9 151.101.114.217 54113 (FASTLY)
3 35.188.71.214 15169 (GOOGLE)
1 13.225.78.58 16509 (AMAZON-02)
5 172.217.16.194 15169 (GOOGLE)
1 23.210.250.213 16625 (AKAMAI-AS)
1 54.236.131.34 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
1 13.225.78.52 16509 (AMAZON-02)
2 13.225.78.17 16509 (AMAZON-02)
17 52.28.239.79 16509 (AMAZON-02)
1 23.210.249.164 16625 (AKAMAI-AS)
16 185.33.223.100 29990 (ASN-APPNEXUS)
1 52.29.208.172 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 104.16.68.69 13335 (CLOUDFLAR...)
6 213.19.162.71 26667 (RUBICONPR...)
3 151.101.13.194 54113 (FASTLY)
1 54.209.206.137 14618 (AMAZON-AES)
2 185.94.180.123 35220 (SPOTX-AMS)
6 3.215.1.64 14618 (AMAZON-AES)
1 13.225.78.86 16509 (AMAZON-02)
7 52.210.0.3 16509 (AMAZON-02)
1 34.205.34.196 14618 (AMAZON-AES)
7 69.16.175.10 20446 (HIGHWINDS3)
7 2a00:1288:f03... 10310 (YAHOO-1)
7 2a02:fa8:8806... 41041 (VCLK-EU-)
7 178.162.133.150 60781 (LEASEWEB-...)
14 2a00:1450:400... 15169 (GOOGLE)
7 52.18.86.70 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.13.140 54113 (FASTLY)
5 35.226.36.58 15169 (GOOGLE)
9 18.200.219.23 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 3.120.155.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 34.95.120.147 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 199.166.0.26 7415 (ADSAFE-1)
2 2600:1901:0:f... 15169 (GOOGLE)
1 2 52.1.14.65 14618 (AMAZON-AES)
3 66.155.71.27 13768 (COGECO-PEER1)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 35.241.44.144 15169 (GOOGLE)
1 176.34.141.200 16509 (AMAZON-02)
1 2 104.108.39.228 16625 (AKAMAI-AS)
5 130.211.115.4 15169 (GOOGLE)
1 13.224.196.13 16509 (AMAZON-02)
5 52.22.174.17 14618 (AMAZON-AES)
1 23.37.55.184 16625 (AKAMAI-AS)
1 2 52.57.98.188 16509 (AMAZON-02)
1 23.210.249.92 16625 (AKAMAI-AS)
1 23.210.249.83 16625 (AKAMAI-AS)
1 2 66.155.71.149 13768 (COGECO-PEER1)
279 73
1    104.20.60.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepingcomputer.com
3    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
32    104.26.13.6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
2    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.connatix.com
cdns.connatix.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
4    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
s7.addthis.com
2    2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
1    178.79.175.86 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-178-79-175-86.london.nodebalancer.linode.com
ecdn.analysis.fi
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:21f3:2a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
3    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
gcdn.2mdn.net
2    2600:9000:20eb:d600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.quantcast.mgr.consensu.org
2    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
ad.doubleclick.net
9    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
ck.connatix.com
i.connatix.com
3    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
1    13.225.78.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-58.fra2.r.cloudfront.net
freestar-io.videoplayerhub.com
5    172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com
1    54.236.131.34 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-236-131-34.compute-1.amazonaws.com
core.connatix.com
1    2600:9000:2156:b000:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
1    13.225.78.52 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-52.fra2.r.cloudfront.net
api.quantcast.mgr.consensu.org
2    13.225.78.17 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-17.fra2.r.cloudfront.net
ad-delivery.net
17    52.28.239.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
16    185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    52.29.208.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-208-172.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
3    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
6    213.19.162.71 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
3    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
confiant-integrations.global.ssl.fastly.net
1    54.209.206.137 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-209-206-137.compute-1.amazonaws.com
rtb.connatix.com
2    185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
search.spotxchange.com
6    3.215.1.64 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-215-1-64.compute-1.amazonaws.com
trk.connatix.com
1    13.225.78.86 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-86.fra2.r.cloudfront.net
audit.quantcast.mgr.consensu.org
7    52.210.0.3 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
vid.springserve.com
1    34.205.34.196 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-34-196.compute-1.amazonaws.com
cluster-na.cdnjquery.com
7    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: tlb.hwcdn.net
vpaid.springserve.com
7    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
cdn-ssl.vidible.tv
7    2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)
web.hb.ad.cpe.dotomi.com
7    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
14    2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
7    52.18.86.70 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
bc-rtb-dub.springserve.com
2    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
2    151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
www.reddit.com
5    35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com
c.pub.network
9    18.200.219.23 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
vid-io.springserve.com
6    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    3.120.155.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-155-10.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
1    2a00:1450:4001:821::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ima3vpaid.appspot.com
3    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
imasdk.googleapis.com
1    2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s0.2mdn.net
6    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
springserve-d.openx.net
us-u.openx.net
4    172.217.18.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net
ade.googlesyndication.com
googleads4.g.doubleclick.net
1    2a00:1450:4001:6d::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
r4---sn-4g5edns6.c.2mdn.net
2    199.166.0.26 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com
pixel.adsafeprotected.com
2    2600:1901:0:fcac:: (United States)

ASN15169 (GOOGLE - Google LLC, US)
js.ad-score.com
2    52.1.14.65 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-14-65.compute-1.amazonaws.com
adrta.com
ipds.adrta.com
3    66.155.71.27 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
node-uk-zahhu3.sitescout.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
pixel-sync.sitescout.com
1    35.241.44.144 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 144.44.241.35.bc.googleusercontent.com
rtb-europe-west1.openx.net
1    176.34.141.200 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-141-200.eu-west-1.compute.amazonaws.com
vid-io-dub.springserve.com
2    104.108.39.228 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-39-228.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
5    130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    13.224.196.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-13.fra2.r.cloudfront.net
static.adsafeprotected.com
5    52.22.174.17 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-174-17.compute-1.amazonaws.com
dt.adsafeprotected.com
1    23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.57.98.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-98-188.eu-central-1.compute.amazonaws.com
eb2.3lift.com
1    23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
pixel-a.basis.net
pixel.sitescout.com
Apex Domain
Subdomains		 Transfer
32 bleepstatic.com
www.bleepstatic.com
284 KB
31 springserve.com
vid.springserve.com
vpaid.springserve.com
bc-rtb-dub.springserve.com
vid-io.springserve.com
vid-io-dub.springserve.com
676 KB
20 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
193 KB
19 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
rtb.connatix.com
i.connatix.com
trk.connatix.com
451 KB
17 adnxs.com
ib.adnxs.com
acdn.adnxs.com
15 KB
17 sharethrough.com
btlr.sharethrough.com
2 KB
11 doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
132 KB
10 pub.network
a.pub.network
d.pub.network
c.pub.network
241 KB
8 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
92 KB
7 ad-score.com
js.ad-score.com
data.ad-score.com
96 KB
7 openx.net
springserve-d.openx.net
us-u.openx.net
rtb-europe-west1.openx.net
920 B
7 sonobi.com
apex.go.sonobi.com
4 KB
7 dotomi.com
web.hb.ad.cpe.dotomi.com
2 KB
7 vidible.tv
cdn-ssl.vidible.tv
55 KB
7 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
10 KB
6 ampproject.org
cdn.ampproject.org
124 KB
6 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
vendorlist.consensu.org
api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
140 KB
6 gstatic.com
fonts.gstatic.com
65 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
108 KB
5 sitescout.com
node-uk-zahhu3.sitescout.com
pixel-sync.sitescout.com
pixel.sitescout.com
2 KB
5 google.com
www.google.com
cse.google.com
adservice.google.com
2 KB
3 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r4---sn-4g5edns6.c.2mdn.net
1 MB
3 fastly.net
confiant-integrations.global.ssl.fastly.net
78 KB
3 districtm.io
dmx.districtm.io
cdn.districtm.io
485 B
3 3lift.com
tlx.3lift.com
eb2.3lift.com
982 B
3 googletagservices.com
www.googletagservices.com
72 KB
3 addthis.com
s9.addthis.com
s7.addthis.com
189 KB
2 scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 adrta.com
adrta.com
ipds.adrta.com
1 KB
2 reddit.com
www.reddit.com
3 KB
2 facebook.com
graph.facebook.com
1018 B
2 spotxchange.com
search.spotxchange.com
3 KB
2 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
122 B
2 ad-delivery.net
ad-delivery.net
1 KB
2 google-analytics.com
www.google-analytics.com
18 KB
1 basis.net
pixel-a.basis.net
113 B
1 appspot.com
ima3vpaid.appspot.com
915 B
1 clarium.io
protected-by.clarium.io
345 B
1 cdnjquery.com
cluster-na.cdnjquery.com
357 B
1 casalemedia.com
as-sec.casalemedia.com
998 B
1 addthisedge.com
v1.addthisedge.com
924 B
1 moatads.com
z.moatads.com
1 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com
19 KB
1 google.de
adservice.google.de
171 B
1 analysis.fi
ecdn.analysis.fi
2 KB
1 googletagmanager.com
www.googletagmanager.com
27 KB
1 bleepingcomputer.com
www.bleepingcomputer.com
16 KB
279 47
Domain Requested by
32 www.bleepstatic.com www.bleepingcomputer.com
cdn.connatix.com
www.bleepstatic.com
pagead2.googlesyndication.com
17 btlr.sharethrough.com a.pub.network
16 ib.adnxs.com a.pub.network
vpaid.springserve.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
www.bleepingcomputer.com
cdn.ampproject.org
9 vid-io.springserve.com vpaid.springserve.com
8 i.connatix.com www.bleepingcomputer.com
cdns.connatix.com
7 bc-rtb-dub.springserve.com vpaid.springserve.com
7 apex.go.sonobi.com vpaid.springserve.com
7 web.hb.ad.cpe.dotomi.com vpaid.springserve.com
7 cdn-ssl.vidible.tv vpaid.springserve.com
7 vpaid.springserve.com cdns.connatix.com
7 vid.springserve.com cdns.connatix.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
6 trk.connatix.com www.bleepingcomputer.com
cdns.connatix.com
6 fastlane.rubiconproject.com a.pub.network
6 fonts.gstatic.com cdn.connatix.com
pagead2.googlesyndication.com
cdn.ampproject.org
5 dt.adsafeprotected.com
5 data.ad-score.com js.ad-score.com
5 c.pub.network a.pub.network
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
4 springserve-d.openx.net
3 node-uk-zahhu3.sitescout.com
3 ade.googlesyndication.com
3 imasdk.googleapis.com www.bleepingcomputer.com
imasdk.googleapis.com
3 confiant-integrations.global.ssl.fastly.net a.pub.network
confiant-integrations.global.ssl.fastly.net
3 www.googletagservices.com a.pub.network
pagead2.googlesyndication.com
www.bleepingcomputer.com
3 d.pub.network a.pub.network
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
3 fonts.googleapis.com www.bleepingcomputer.com
confiant-integrations.global.ssl.fastly.net
2 eb2.3lift.com 1 redirects a.pub.network
2 sb.scorecardresearch.com 1 redirects
2 us-u.openx.net 1 redirects
2 js.ad-score.com vpaid.springserve.com
js.ad-score.com
2 pixel.adsafeprotected.com vpaid.springserve.com
2 www.reddit.com s9.addthis.com
2 graph.facebook.com s9.addthis.com
2 s7.addthis.com s9.addthis.com
2 search.spotxchange.com cdns.connatix.com
2 dmx.districtm.io a.pub.network
2 ad-delivery.net freestar-io.videoplayerhub.com
www.bleepingcomputer.com
2 ad.doubleclick.net www.bleepingcomputer.com
vpaid.springserve.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 a.pub.network www.bleepingcomputer.com
a.pub.network
2 www.google.com 2 redirects
1 pixel.sitescout.com
1 pixel-a.basis.net 1 redirects
1 acdn.adnxs.com a.pub.network
1 cdn.districtm.io a.pub.network
1 ads.pubmatic.com a.pub.network
1 eus.rubiconproject.com a.pub.network
1 static.adsafeprotected.com www.bleepingcomputer.com
1 vid-io-dub.springserve.com
1 googleads4.g.doubleclick.net
1 rtb-europe-west1.openx.net
1 pixel-sync.sitescout.com 1 redirects
1 ipds.adrta.com
1 adrta.com 1 redirects
1 r4---sn-4g5edns6.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 ima3vpaid.appspot.com vpaid.springserve.com
1 protected-by.clarium.io www.bleepingcomputer.com
1 cluster-na.cdnjquery.com freestar-io.videoplayerhub.com
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 rtb.connatix.com cdns.connatix.com
1 hbopenbid.pubmatic.com a.pub.network
1 tlx.3lift.com a.pub.network
1 as-sec.casalemedia.com a.pub.network
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 core.connatix.com cdns.connatix.com
1 v1.addthisedge.com s9.addthis.com
1 z.moatads.com s9.addthis.com
1 freestar-io.videoplayerhub.com a.pub.network
1 ck.connatix.com cdns.connatix.com
1 adservice.google.de pagead2.googlesyndication.com
1 quantcast.mgr.consensu.org www.bleepstatic.com
1 cdns.connatix.com cdn.connatix.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 s9.addthis.com www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 cdn.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
279 87
Subject Issuer Validity Valid
bleepingcomputer.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-12 -
2020-05-17		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-11 -
2020-10-09		 a year crt.sh
j3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-01-15 -
2021-01-14		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
*.analysis.fi
Sectigo RSA Domain Validation Secure Server CA		 2019-06-13 -
2020-06-12		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.videoplayerhub.com
Amazon		 2019-07-18 -
2020-08-18		 a year crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
*.connatix.com
Amazon		 2019-10-19 -
2020-11-19		 a year crt.sh
vendorlist.consensu.org
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
ad-delivery.net
Amazon		 2019-03-07 -
2020-04-07		 a year crt.sh
*.sharethrough.com
Amazon		 2019-10-07 -
2020-11-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-12-18 -
2020-12-18		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.springserve.net
Amazon		 2019-03-28 -
2020-04-28		 a year crt.sh
*.assetbucket.net
Amazon		 2019-09-11 -
2020-10-11		 a year crt.sh
*.springserve.com
COMODO RSA Domain Validation Secure Server CA		 2017-07-27 -
2020-07-26		 3 years crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2019-09-02 -
2020-02-29		 6 months crt.sh
ad.cpe.dotomi.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-05-25 -
2020-05-25		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2019-02-01 -
2021-02-04		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2018-08-17 -
2020-09-02		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2018-04-26 -
2020-04-26		 2 years crt.sh
*.appspot.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.c.docs.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-17		 2 months crt.sh
*.adsafeprotected.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-20 -
2020-09-17		 2 years crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2019-09-02 -
2020-11-01		 a year crt.sh
*.adrta.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-01 -
2020-08-31		 2 years crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2019-01-28 -
2020-02-04		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
static.adsafeprotected.com
Amazon		 2019-11-01 -
2020-12-01		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2019-10-23 -
2020-11-23		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-02-19		 10 months crt.sh

This page contains 28 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Frame ID: 2549123824852AEC3A2A39FDC85E410C
Requests: 138 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Frame ID: 4B1832E1D936D7F9938F3C12A1FD20A9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200109/r20190131/zrt_lookup.html
Frame ID: C2C5B1DA771595509839E4756A8F009E
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Frame ID: 2ED2869B33B0A7492CA7C63B0D4C31A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1578636805&plat=0%3A32%2C1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579120598890&bpp=2&bdt=290&idt=147&shv=r20200109&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7451222293285&frm=20&pv=2&ga_vid=951501729.1579120599&ga_sid=1579120600&ga_hid=494904638&ga_fc=0&iag=0&icsg=149533625425920&dssz=53&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C21065275%2C21065346&oid=3&pvsid=4225047959211155&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=658
Frame ID: 198ACD8BB7184C10ECF650D8D082B0BB
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 82B546D6288D782287D6E46F7D8B2552
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2BC1102CEB69B5428B2C4DA837775F47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5520E2A3B9B80D2A591805296EA4D247
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D6E0040A54F9E08B3544AC08C3604D94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E5111C03B56911A807A7E522D2DD63AB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseLJwsIeEijQrhT7YNdkHaf6t7adJVYDfcwYbpMWS-8rN0ajZMfWrrXfWh8X9eStjus9zfL3m8aspgg_YqL6l28KKuYFndHPCJ8WjrjkrMJR1_R2RlqQ8u90ExwjKKKvem6m3VG6zlngi6iZH37RfkIsrSPbUeV1DnT5XGL6jTk8jmLqkK5Wco7WC-VQKo-5V7p_FW-bSXrI0O-g57BwsJEd-8x4pkboENX8vEIdMk71rR01t-sAiXJIgEjPgSCJnxxRI7Iwayxze2gQ-KeEx_H4UuujDQGCwU&sig=Cg0ArKJSzPCko6GIyq-gEAE&urlfix=1&adurl=
Frame ID: 32B87776376C8D1992EFBADFFBC04801
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 98207FD4CC54969EE169CBFB7311FC6B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: 01D52ACF83E2BCD3528A423F745B4649
Requests: 20 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: FF205801EA42DBE940998520322B8C75
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: AA06378D26DE40BBBE629012C4C687A0
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 0C1FD649A7F20AC3487375DE371C9E3C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: D1D00A3D349304F6D78AF5ED28FBED24
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1059C0BD351B5376D0B35516516D20EA
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1579120602407%26ord%3D1579120602407&type=js
Frame ID: D92C65371936904CE5249201F1DE8369
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.360.0_en.html
Frame ID: 0EC2D0E95F7D06D8F4DA1EE37E8E2ADC
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 312E9837D6A0CF11F82DB43C667D6DFE
Requests: 36 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000426
Frame ID: C5995E42D2C291863688798C9DE2942B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: FBB10013FD79228BB2DA3D04E3FD89D8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AEDE09A2CC1E5441F02A614FB1FE3687
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 983381740C8D0D0A145B244FB4382948
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 087E01EC95DBD5027FBAFC28F09829E8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: DBFDA77392EC5F3DBF96DD7E68432CF6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 715F2E5AD54F47E90FB00F8DEE4119EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

279
Requests

100 %
HTTPS

30 %
IPv6

47
Domains

87
Subdomains

73
IPs

7
Countries

4219 kB
Transfer

10836 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 168
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 239
  • https://gcdn.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/1F9461EFAD23A84DAAA830A0ED3705DC94382AE5.B81AFD3FD46FAE5EB36D27FA914034AD2D192D82/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5edns6.c.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/acao,ctier,expire,id,ip,ipbits,itag,mip,mm,mn,ms,mv,mvi,pl,source/signature/757E8D6890DCB954950F35F76EBB2F7F80CDCADE.1D4FB4033D28912BD04EA895E4619D447E3F3F79/key/cms1/cms_redirect/yes/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns6/ms/onc/mt/1579120528/mv/m/mvi/3/pl/47/file/file.mp4
Request Chain 245
  • https://adrta.com/i?clid=ss&paid=ss&dvid=v&cb=1579120604023&avid=112053&caid=1194248&publisherId=540226160&kv5=&plid=3616592&segment=12121&kv4=77.243.177.40&kv14=&kv1=large_vid&siteId=540227121&kv7=4&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=5e1f77dc3b25bd6e01ea0004&kv3=&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_6%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F79.0.3945.88+Safari%2F537.36&kv29=[ERRORCODE]&kv30=[CONTENTPLAYHEAD]_[ADPLAYHEAD]&kv33=[ASSETURI]&kv34=[VASTVERSIONS]&kv35=[IFATYPE]&kv36=[IFA]&kv37=[CLIENTUA]&kv38=[SERVERUA]&kv39=[DEVICEUA]&kv40=[DEVICEIP]&kv41=[LATLONG]&kv42=[DOMAIN]&kv44=autoplay&kv45=[PLAYERSIZE]&kv46=[REGULATIONS]&kv47=[ADTYPE]&kv48=[TRANSACTIONID]&kv49=[BREAKPOSITION]&kv51=[PLACEMENTTYPE]&kv54=[LAT]&kv2=http%3A%2F%2Fbleepingcomputer.com%2F&kv43=[PAGEURL]&kv50=[APPNAME] HTTP 302
  • https://ipds.adrta.com/i?__x=MLCJKHEIMMCIHBEBLGIFEPPEIOKJIMKKNIMAGJLQHGGNFJMMPBHJNOKELONKOPGKJGQGHBIKMNFJGKGLNNM@PMHHHHGNNMGEOIOFKEHBFLOOGGENGIOPNAE@HBE&clid=ss&paid=ss&dvid=v&cb=1579120604023&avid=112053&caid=1194248&publisherId=540226160&kv5=&plid=3616592&segment=12121&kv4=77.243.177.40&kv14=&kv1=large_vid&siteId=540227121&kv7=4&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=5e1f77dc3b25bd6e01ea0004&kv3=&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_6%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F79.0.3945.88+Safari%2F537.36&kv29=[ERRORCODE]&kv30=[CONTENTPLAYHEAD]_[ADPLAYHEAD]&kv33=[ASSETURI]&kv34=[VASTVERSIONS]&kv35=[IFATYPE]&kv36=[IFA]&kv37=[CLIENTUA]&kv38=[SERVERUA]&kv39=[DEVICEUA]&kv40=[DEVICEIP]&kv41=[LATLONG]&kv42=[DOMAIN]&kv44=autoplay&kv45=[PLAYERSIZE]&kv46=[REGULATIONS]&kv47=[ADTYPE]&kv48=[TRANSACTIONID]&kv49=[BREAKPOSITION]&kv51=[PLACEMENTTYPE]&kv54=[LAT]&kv2=http%3A%2F%2Fbleepingcomputer.com%2F&kv43=[PAGEURL]&kv50=[APPNAME]
Request Chain 247
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&wb=1&hdid=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent
Request Chain 255
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1579120604639&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c8=&c9=&cs_ucfr=0 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1579120604639&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Request Chain 275
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 281
  • https://pixel-a.basis.net/iap/d665e40bc850dd2a HTTP 301
  • https://pixel.sitescout.com/iap/d665e40bc850dd2a

279 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/ 		71 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be02838498df5f3659373683e3c055134a7bdf9e3695f78b55306a13e3d10a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 15 Jan 2020 20:36:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0a616e37c75e4c03177f74cce3fc35531579120597; expires=Fri, 14-Feb-20 20:36:37 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=5a82dfa73d2f13ec01eb9a32aba6cfc1; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=7525; expires=Fri, 14-Feb-2020 20:36:38 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Fri, 10 Jan 2020 06:13:25 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
555aa4996ddbbc00-LHR
content-encoding
br
css
fonts.googleapis.com/ 		14 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Jan 2020 20:36:38 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 15 Jan 2020 20:36:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:38 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
2717
cf-polished
origSize=137522
status
200
cf-bgj
minify
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49dad64e5f4-LHR
expires
Sat, 23 Mar 2019 05:29:58 GMT
main.css
www.bleepstatic.com/css/redesign/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
2717
cf-polished
origSize=60842
status
200
cf-bgj
minify
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49dad66e5f4-LHR
expires
Tue, 12 Nov 2019 07:00:33 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
2061
cf-polished
origSize=14998
status
200
cf-bgj
minify
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49dad6ce5f4-LHR
expires
Thu, 28 Mar 2019 00:17:49 GMT
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
3750
cf-polished
origSize=32905
status
200
cf-bgj
minify
last-modified
Tue, 26 Nov 2019 02:56:16 GMT
server
cloudflare
etag
W/"400467278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49dad6ee5f4-LHR
expires
Tue, 31 Dec 2019 03:31:34 GMT
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
age
4556
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
555aa49dad71e5f4-LHR
access-control-allow-origin
*
expires
Tue, 07 Jan 2020 05:59:39 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
1280
cf-polished
origSize=247
status
200
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49dad72e5f4-LHR
expires
Thu, 19 Dec 2019 04:54:08 GMT
connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 		956 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
1b85d63e25aadfa4bdc50188ef6385f450f7c9479136b6f581e9863f0005f253

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1579120599.688295,VS0,VE0
content-length
956
retry-after
0
x-served-by
cache-fra19165-FRA
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5296
cf-polished
origSize=3848
status
200
cf-bgj
minify
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49ddde1e5f4-LHR
expires
Thu, 07 Nov 2019 07:15:12 GMT
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bd0048dce1f98e12fff394727e4f0836cd8b6569b1ae4a9209ac78d54f355c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
last-modified
Wed, 15 Jan 2020 19:21:03 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27816
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:38 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
581747
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
cf-bgj
imgq:85
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e3ee8e5f4-LHR
expires
Sat, 08 Feb 2020 03:00:51 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:20:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
947
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1181
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:50:51 GMT

Redirect headers

date
Wed, 15 Jan 2020 20:36:38 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
266
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5df4a7370b55750f82801f9bd74f80667364473150d06c784e6bf8d991dbf887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37834
x-xss-protection
0
server
cafe
etag
1852557911418968229
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Jan 2020 20:36:38 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
580860
cf-polished
origFmt=png, origSize=475
status
200
content-disposition
inline; filename="twitter.webp"
cf-bgj
imgq:85
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e3eebe5f4-LHR
expires
Sat, 08 Feb 2020 03:15:38 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
2717
cf-polished
origSize=65813
status
200
cf-bgj
minify
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49e3eede5f4-LHR
expires
Tue, 26 Mar 2019 04:15:43 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
age
2717
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
555aa49dfe2ae5f4-LHR
access-control-allow-origin
*
expires
Wed, 01 Jan 2020 06:03:54 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
2717
cf-polished
origSize=3600
status
200
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49e3eeee5f4-LHR
expires
Wed, 01 Jan 2020 06:03:55 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
1279
cf-polished
origSize=48706
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa49e3ef1e5f4-LHR
expires
Tue, 12 Nov 2019 07:00:33 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
age
1083
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
555aa49e3ed5e5f4-LHR
access-control-allow-origin
*
expires
Thu, 19 Dec 2019 04:53:37 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 19:35:04 GMT
server
nginx/1.15.8
etag
"5db9e5e8-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 15 Jan 2020 20:36:38 GMT
x-host
s9.addthis.com
content-length
114924
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		439 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52900668f621c3ff471517147181fe444f8c6fc969307609ffeccf13ac51ddaf

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
br
cf-cache-status
HIT
age
11
status
200
x-guploader-uploadid
AEnB2UrFKa-eZ5LSFaom-UmiuYx__uhlw9fn8YuELwVaE1u4jOTyIeeS5TipEQWiKQXNwjw5n0YjnFjsyFv-bEDYvdz0fwRqNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 09 Jan 2020 17:15:32 GMT
server
cloudflare
etag
W/"027416f9f302ef62f7911dba7786206b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=+O/7lQ==, md5=AnQW+fMC72L3kR26d4Ygaw==
content-type
application/javascript
x-goog-generation
1578590132411970
cache-control
public, max-age=1800
x-goog-stored-content-length
449381
cf-ray
555aa49e6832c277-FRA
expires
Wed, 15 Jan 2020 20:37:27 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.79.175.86 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-178-79-175-86.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:39:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-560"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
1376
Expires
Wed, 15 Jan 2020 21:39:24 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
581230
cf-polished
origFmt=png, origSize=187
status
200
content-disposition
inline; filename="login_bg.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e4f0ce5f4-LHR
expires
Sat, 08 Feb 2020 03:09:28 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 09 Jan 2020 00:21:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
591314
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 08 Jan 2021 00:21:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Fri, 22 Nov 2019 04:03:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
4725214
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:03:04 GMT
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1838/min/ Frame 4B18 		720 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
454cbaa0c3d827d7d585b92bcdc36047aca5b95fc65b8bf44596fbcf8c57fa82

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
age
112169
x-cache
HIT, HIT
status
200
content-length
192023
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca17750-DCA, cache-fra19165-FRA
last-modified
Tue, 14 Jan 2020 13:24:24 GMT
x-timer
S1579120599.772777,VS0,VE0
etag
"14defb54629818d4c691037016dfbfb3"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 7912
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif
cmp.js
quantcast.mgr.consensu.org/ 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:26:50 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 20:13:43 GMT
server
AmazonS3
age
1791
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3rymGB7Ddu1jpzBVQ6dZHO490KEir_Tptd67c9tGAzosmuANhJ6aeA==
via
1.1 f0dda47e8f83bee88cb60d3d2e3fa5e5.cloudfront.net (CloudFront)
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
590166
cf-polished
origFmt=png, origSize=83
status
200
content-disposition
inline; filename="nav_bg.webp"
cf-bgj
imgq:85
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e5f5fe5f4-LHR
expires
Sat, 08 Feb 2020 00:40:31 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200109/r20190131/ 		228 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200109/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0a67b662b7b3cf3a2c1bdead4b64847269e8bb371f0938d3f6638fdce358d6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
87163
x-xss-protection
0
server
cafe
etag
13268185871178553588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jan 2020 20:36:38 GMT
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
591358
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
cf-bgj
imgq:85
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8ff6e5f4-LHR
expires
Sat, 08 Feb 2020 00:20:40 GMT
calendar.png
www.bleepstatic.com/images/site/ 		86 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
581814
cf-polished
origFmt=png, origSize=129
status
200
content-disposition
inline; filename="calendar.webp"
cf-bgj
imgq:85
content-length
86
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8ff9e5f4-LHR
expires
Sat, 08 Feb 2020 02:59:44 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
589917
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
cf-bgj
imgq:85
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8ffce5f4-LHR
expires
Sat, 08 Feb 2020 00:44:40 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		96 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
590657
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
cf-bgj
imgq:85
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8fffe5f4-LHR
expires
Sat, 08 Feb 2020 00:32:21 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
590166
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
cf-bgj
imgq:85
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8801e5f4-LHR
expires
Sat, 08 Feb 2020 00:40:32 GMT
21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
5546
cf-polished
origSize=7617, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
7581
last-modified
Mon, 26 Oct 2015 17:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8802e5f4-LHR
expires
Sun, 17 Mar 2019 04:29:34 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
580513
cf-polished
origFmt=png, origSize=72
status
200
content-disposition
inline; filename="h4-bg.webp"
cf-bgj
imgq:85
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e8806e5f4-LHR
expires
Sat, 08 Feb 2020 03:21:25 GMT
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
591207
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e9809e5f4-LHR
expires
Sat, 08 Feb 2020 00:23:10 GMT
news_footer_icon.png
www.bleepstatic.com/images/site/ 		110 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
581753
cf-polished
origFmt=png, origSize=186
status
200
content-disposition
inline; filename="news_footer_icon.webp"
cf-bgj
imgq:85
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49e980fe5f4-LHR
expires
Sat, 08 Feb 2020 03:00:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 14 Jan 2020 00:35:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
158483
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Wed, 13 Jan 2021 00:35:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 13 Jan 2020 20:02:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
174846
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Tue, 12 Jan 2021 20:02:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200109/r20190131/ Frame C2C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200109/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 09 Jan 2020 15:53:03 GMT
expires
Thu, 23 Jan 2020 15:53:03 GMT
content-type
text/html; charset=UTF-8
etag
14586270735327668295
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6570
x-xss-protection
0
cache-control
public, max-age=1209600
age
535415
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3503
date
Wed, 15 Jan 2020 19:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 15 Jan 2020 21:38:15 GMT
cyber-lock.jpg
www.bleepstatic.com/content/hl-images/2018/09/21/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2018/09/21/cyber-lock.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f404a0e59fe8af5e24248a8bf3b6b347e705beeea87612e68b9db5c514fed10

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=88591
status
200
content-disposition
inline; filename="cyber-lock.webp"
cf-bgj
imgq:85
content-length
43226
last-modified
Fri, 21 Sep 2018 16:53:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49f2a1be5f4-LHR
expires
Sat, 02 Nov 2019 07:21:57 GMT
292x176_Windows_7_3.jpg
www.bleepstatic.com/content/hl-images/2019/10/01/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/10/01/thumb/292x176_Windows_7_3.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
638998a47bf176798ee15c8fe3863f0711477622c83758384c006a9f6497cadf

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
142449
cf-polished
qual=85, origFmt=jpeg, origSize=5759
status
200
content-disposition
inline; filename="292x176_Windows_7_3.webp"
cf-bgj
imgq:85
content-length
4510
last-modified
Tue, 01 Oct 2019 18:11:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49f2a1ce5f4-LHR
expires
Thu, 13 Feb 2020 05:02:29 GMT
292x176_Ryuk.png
www.bleepstatic.com/content/hl-images/2018/08/21/thumb/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2018/08/21/thumb/292x176_Ryuk.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d799b60a229931b91833821a80c5a2e372254ba46e1f91ad91e65916572c8eff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
cf-cache-status
HIT
age
55546
cf-polished
origFmt=png, origSize=66475
status
200
content-disposition
inline; filename="292x176_Ryuk.webp"
cf-bgj
imgq:85
content-length
54360
last-modified
Tue, 21 Aug 2018 09:47:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa49f2a1fe5f4-LHR
expires
Fri, 14 Feb 2020 05:10:51 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v28/ Frame 2ED2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:d600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v28/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Mon, 06 Jan 2020 20:13:38 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Wed, 15 Jan 2020 20:32:48 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_AFAQSk7uFJlk42aZtA2xla76FxbRaZ8hDYv38Gsev_V_a8-Nqdtxg==
age
401
favicon.ico
ad.doubleclick.net/ 		1 KB
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 13:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26142
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 16 Jan 2020 13:20:56 GMT
g
ck.connatix.com/ 		46 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_8d2b11677f9b8d3990a11579120598927
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
1d52799116d97ec452c48375e00ff6dadd9e91e5fd5f65db91b5a8f3ecefb543

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1579120599.012484,VS0,VE0
content-length
46
retry-after
0
x-served-by
cache-hhn4060-HHN
cookie
d.pub.network/ 		36 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
5d4244a8cdc5f524c32d767db95769532199a5d9c5ddf83d25fcbcc4291bd6eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:39 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gpt.js
www.googletagservices.com/tag/js/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
178edd66897f4d3163320b39fd9575b7d23be3e8aab4cbe878a5846933eda49a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"399 / 789 of 1000 / last-modified: 1578960733"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15923
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:38 GMT
gallery.js
freestar-io.videoplayerhub.com/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-58.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f6913616c498c0c9723d57e9e73e0569539b0c9c9b642dfb62876a82ed52e5e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id
YxXkPdtiQCbkaw6mP_yLRAWQc8krK97G
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 20:56:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Date
Wed, 15 Jan 2020 20:36:39 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
rCCz5qDsE0f3HS_WMUGQeh5vhv2E1kxXYTlB4xIZQt-uawFxX6VrwA==
prebid-analytics-2.44.1.js
a.pub.network/core/ 		407 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-2.44.1.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef882b02261b9ba0eaed427e1ad813023a6320cbbdfcc42286f67c25f1704998

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
br
cf-cache-status
BYPASS
status
200
x-guploader-uploadid
AEnB2UrRs1gw1Ezz4BfTDfpNj0JTyeSSjK2rzfpHXYfT0latBX7rvfHFxsgzzhrzB5gvYhaVwjZpVXa6ZXDRnTjDqAUX9e_1OQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 07 Jan 2020 17:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2lR/Hg==, md5=1gNT24ytv9pAXzN4zs5REA==
content-type
text/html
x-goog-generation
1578419312675785
cache-control
private
x-goog-stored-content-length
416605
cf-ray
555aa49fbcb3c277-FRA
expires
Thu, 14 Jan 2021 20:36:39 GMT
location
d.pub.network/ 		25 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
d4f4e80186d140ba296b429fd8f894ec2aef24bb2d5568032afe95b21878bfb8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
collect
www.google-analytics.com/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=494904638&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&ul=en-us&de=UTF-8&dt=Ako%20Ransomware%3A%20Another%20Day%2C%20Another%20Infection%20Attacking%20Businesses&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=924651828&gjid=1809768067&cid=951501729.1579120599&tid=UA-91740-1&_gid=987177626.1579120599&_r=1&gtm=2ou181&z=1655997817
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
br
cf-cache-status
HIT
age
1473
cf-polished
origSize=4895
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa4a02d3ee5f4-LHR
expires
Tue, 12 Nov 2019 07:00:27 GMT
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
br
cf-cache-status
HIT
age
2879
cf-polished
origSize=26776
status
200
cf-bgj
minify
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
555aa4a02d42e5f4-LHR
expires
Thu, 07 Nov 2019 07:15:15 GMT
cmpui-popup.js
static.quantcast.mgr.consensu.org/v28/ 		229 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:d600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:28:37 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 20:13:37 GMT
server
AmazonS3
age
1263
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
F_ipeHf79dXO6RJO8bqifVAqqPk3ZdJ4n7BMnV8TT8bEbKFleW2vRA==
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
pubads_impl_2020010202.js
securepubads.g.doubleclick.net/gpt/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
c44e880e262193fc7eda94d6c918a14944c0f98419da7152a701035ab3ee1aea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jan 2020 21:05:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
61825
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:39 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=52383
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
etag
-1808207170--gzip
vary
Accept-Encoding
cache-tag
ra-561517d2c7f964d6
status
200
cache-control
public, max-age=55, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
678
pls
core.connatix.com/ Frame 4B18 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.connatix.com/pls?callback=jQuery32105318661044463651_1579120598924&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c_v=1838_0_0_0_0&page_guid=5323e5bc870475fe8da41579120599095&spp=1&_=1579120598925
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.131.34 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-131-34.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
dab5d79e190f4869eed0fc4c6ac7f59b0aa0780c92a93d6f0dd60e077c75c20d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
access-control-allow-origin
*
vendorlist.json
vendorlist.consensu.org/ 		93 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:b000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ae3aa45dddd81d388fdb378ff250b27e08506f3a880277f017429e5e2f2b099

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 09 Jan 2020 16:10:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
534379
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 09 Jan 2020 16:00:34 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
_jbBwCAI54NCPDNDbGmA7NHbPXq55.qL
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/json; charset=utf-8
x-amz-cf-id
qoqvSMw_s71WysHcPVndV9YabnUVzu9giDpDKGupNDr1L2wOa_DZmQ==
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
1853
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
555aa4a0cc42f41f-LHR
access-control-allow-origin
*
content-length
65452
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-52.fra2.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
05620ee7-002d-43d8-976c-f8c0d9236535
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
GW-ppFrooAMF16g=
content-length
50
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-trace-id
Root=1-5e1f77d7-48123c7229414fac09017458;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
W2jPEevHeIYZE-pErqKZy5cTlMgNMZuP3hkgSClKx5hCMOxNWtiaLg==
beacon.js
ad-delivery.net/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/beacon.js
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.17 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-17.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 15:06:54 GMT
server
AmazonS3
age
439
date
Wed, 15 Jan 2020 20:29:26 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tlubQgUUBJTmIPY6f2128cQ_hTUEuwzYYLdWGj5QyIYQ9iKFpUAxvQ==
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=5965d95d839c8b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=6f4abcb587b40e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=7e9b163168e19a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=83a40184eb57d6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=9f79a8848d735c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=10d51d76318f01c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=113bb45832676e7&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=12191ef3ef6f556&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=135ca99afc0640e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=149b3ec5bd131cc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=154a83a11a293b6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=167c42b15bff7a6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=17377632036e727&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=18e996974544631&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=19724cd3595832a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=20866c803b6d13a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=2168d4bd39e928d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.44.0&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.239.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-239-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
cygnus
as-sec.casalemedia.com/ 		25 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%222253b0917a11b67%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2223d5a115dd8a487%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224d7ce7ca3bf767%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2225f8aaa7f58b9f1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22262a2eda0a942da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222776a33b484e5ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228c1fb973aecb04%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2229090e897cacfd2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230cf07820fe5f06%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223112d88fa9a3cfd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232c7b0fe34df3af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233e3c3786d56c6e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22349eb413758f0e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22353ffa92851b8e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0b2fbf0423f41b0992b882dd33877c72f3cbe8123cac4db0cb0849f0b6f92430

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 15 Jan 2020 20:36:39 GMT
prebid
ib.adnxs.com/ut/v3/ 		723 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
741bd6697fb44347279e0af6133110dfdfa0f7136f1cfef556882856bab41580
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.21:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
17755d54-595f-4263-abdb-68b879bd303a
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.208.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-208-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:39 GMT
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		711 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
74fcececa7a265a5951e21d93a5c856ac634848506647d47f9afbc2adcb92ace
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
211c7c4e-e408-41c7-b39c-6e028f4cf113
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 15 Jan 2020 20:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
555aa4a22f226b4d-LHR
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
555aa4a22f236b4d-LHR
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=cf8b3052-b1ca-425c-bfb9-11fcffe71f8e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8115870113568984
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f3f2e26fc8d0b0bbf319d9a6f922c4257fa0f1d16b91f74554132cf4bc62e0eb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=215
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=1ef95399-9cdb-468f-984b-39619cbcc54f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6250496859069088
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
bd1c350ff041a3ab0f095cd4324727b477d8a987818d2f9593dc0a2ba6988ab1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=401
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=7ce9ee9d-f270-418f-a059-c2cb312e8428&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.503120891305763
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
4208c6995eaebe4feca975976d81a5841f05a398640025cbef8771b92ad4756c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=233
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=a476e2bf-49f5-44d5-81c8-78fe31df6144&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5053395785257158
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
eeff201b07eeaea59bf99b1b53f0f91ca7bbc88dceb35a96639e54a4704e67c0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=377
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=141a0e40-db31-4afd-85de-0d4d9b35676c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3482042964069674
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5071118f02a99dc4a5e7d4a80a3922d5282a77763ed1db3dec87a1ccc8e548c8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=353
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=d10e19ec-a590-4db6-ae22-e8319d17f3c5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.24160157407448013
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2950e6412113dcfd949a5d6999756b58c5c6c41a479ab06f317cc8dfa464d5cc

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=2
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
config.js
confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/ 		174 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0b559eb6901ba9ccc4a76dabfec74c024243c9d081edcdc74161988e11d0636

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Age
1005
X-Cache
HIT
Connection
keep-alive
Content-Length
35576
x-amz-id-2
i9YQFa96EZ+NYswh1Solqe3sIIZ4PQ3m0VYu1rYOozQG7VvLJubLEgn4e/TBwGwy9UWYxYVtn9M=
X-Served-By
cache-fra19135-FRA
Last-Modified
Wed, 15 Jan 2020 20:09:30 GMT
Server
AmazonS3
X-Timer
S1579120599.420056,VS0,VE0
ETag
"1a3a9c311892c9d1623d8d8ec1b45570"
x-amz-request-id
F676AA0C403CCB32
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
19
v2
d.pub.network/floors/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
2101b4a56ea0239133dbd7169e3b0aed1a2306fd4edc810e2e619cd2eb4f963b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:39 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/ 		180 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=414C33DE-F293-46CF-ABF8-135274D262E2&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c_ivt=0&connatix_sess=wp9DFi6yNmh_br8-aAmKdH2bkMvlc0PbvoRo3x32BJLftYX4SDouY3-99ij7QI8YfvRE2eGKuyHflGp5GQu2xLRKCMiofykT8U0wLVlKcM96BuflwirG6jbX6R4RN7T61_kXID_hZR0eDnTYJGXFBKK55CKXukYcufqumA0siIown29Gwb37b9gxBFhC6oJH&notServed=false&xplr=false&c_s=false&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&c_v=1838_0_0_0_0&spp=1&callback=cnxJSONP_f8d95c7ae627661035eb1579120599457
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.206.137 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-206-137.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
f37a5e8a01e3319514b058c768158f79f3a15a34feafe5ab56f7beb22a574c68

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
157
367.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/367.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6b35928516166cd82f6719b7a80d63235675b3da67caa07eee94bf78e963073e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71870
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120599.493505,VS0,VE1
access-control-allow-origin
*
content-length
38274
x-served-by
cache-sjc10025-SJC, cache-hhn4060-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/585ad60d-5d24-45fc-a67f-b5520b88bf3e/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/585ad60d-5d24-45fc-a67f-b5520b88bf3e/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
dc4901c98d2d148275ee34fe6296023ea75accf23b6a3db2bfeca52896333162

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71869
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120599.493481,VS0,VE1
access-control-allow-origin
*
content-length
55418
x-served-by
cache-sjc10045-SJC, cache-hhn4060-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/e75c25f2-3237-485f-b617-30b947aaee45/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/e75c25f2-3237-485f-b617-30b947aaee45/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9cd23d2af62ed19e4325d8cacdb63479c1ed79321265111c33fd8c72f5f4751a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71871
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120599.493452,VS0,VE1
access-control-allow-origin
*
content-length
44105
x-served-by
cache-sjc10047-SJC, cache-hhn4060-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/be29aa36-4c9c-4caa-9146-3d54408539bc/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/be29aa36-4c9c-4caa-9146-3d54408539bc/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a4f56acb6735053bff683bacc809f33b3e1ceb335ad73ecc541c8eb45497932a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71871
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
8, 1
accept-ranges
bytes
x-timer
S1579120599.493465,VS0,VE1
access-control-allow-origin
*
content-length
33408
x-served-by
cache-sjc10042-SJC, cache-hhn4060-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/bb024be1-604d-4f9a-9d5f-cb478e5251c9/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/bb024be1-604d-4f9a-9d5f-cb478e5251c9/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c80e699ee89e586e9cbfe11a3216be0b3f490bead83aeace4c5b3953c60f9a33

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71870
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120599.493435,VS0,VE1
access-control-allow-origin
*
content-length
29580
x-served-by
cache-sjc10040-SJC, cache-hhn4060-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/32a7dd3f-ca08-4e0e-a4fc-a1835b07bd87/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/32a7dd3f-ca08-4e0e-a4fc-a1835b07bd87/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6124b7c59aadae279e1f0ecb561ed9b0c4fe22cb31c32c8c934e5423887c5426

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
71871
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120599.493427,VS0,VE1
access-control-allow-origin
*
content-length
14012
x-served-by
cache-sjc10047-SJC, cache-hhn4060-HHN
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
cf-cache-status
HIT
age
581223
cf-polished
origFmt=png, origSize=15281
status
200
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj
imgq:85
content-length
7156
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
555aa4a2ad2de5f4-LHR
expires
Sat, 08 Feb 2020 03:09:35 GMT
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 4B18 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
via
1.1 varnish, 1.1 varnish
age
12170818
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1579120600.566673,VS0,VE1
access-control-allow-origin
*
content-length
23507
x-served-by
cache-sjc3139-SJC, cache-hhn4060-HHN
213007
search.spotxchange.com/vast/2.0/ Frame 4B18 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/213007?VPAID=js&content_page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&cb=5e8988d8be11fdb43ab61579120599458&player_width=834&player_height=469&schain=1.0,1!connatix.com,102734,1,,,,&us_privacy=&spotx_inapp=1
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000417
X-SpotX-Timing-SpotMarket
0.021661
X-SpotX-Timing-Page-Mux
0.000304
X-SpotX-Timing-Page-Require
0.000519
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
Content-Length
76
X-SpotX-Timing-Page
0.026192
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000440
Last-Modified
Wed, 15 Jan 2020 20:36:39 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.021661
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
X-SpotX-Timing-Page-Misc
0.002808
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 15 Jan 2020 20:36:39 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202001101133/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Age
466
X-Cache
HIT
Connection
keep-alive
Content-Length
30065
x-amz-id-2
KIwgZ5aThfvDqbDzaegOSGhU4znLILTYpjooQIY5Kli0EcQVPC9PbaS8lERPlio0tBbtPWA9FhI=
X-Served-By
cache-fra19135-FRA
Last-Modified
Mon, 13 Jan 2020 19:57:14 GMT
Server
AmazonS3
X-Timer
S1579120600.513061,VS0,VE0
ETag
"62e50166bfcd03e9d6305899d1bf1737"
x-amz-request-id
95F219F123E7D42C
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
243
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202001101133/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202001101133/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Age
484
X-Cache
HIT
Connection
keep-alive
Content-Length
12169
x-amz-id-2
ur+6xzUpKkPz046guhk31drCjM4m9hi8NuzNbYk9y2dcaIlM8NWY3anOWgHExhu20VG5RPMMvac=
X-Served-By
cache-fra19135-FRA
Last-Modified
Mon, 13 Jan 2020 19:57:17 GMT
Server
AmazonS3
X-Timer
S1579120600.554345,VS0,VE0
ETag
"aecd520c5565494b99212f397ace223e"
x-amz-request-id
6EDE3D2FF20EEB90
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
816
r
trk.connatix.com/ Frame 4B18 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/r?connatix_sess=wp9DFi6yNmh_br8-aAmKdH2bkMvlc0PbvoRo3x32BJLftYX4SDouY3-99ij7QI8YfvRE2eGKuyHflGp5GQu2xLRKCMiofykT8U0wLVlKcM96BuflwirG6jbX6R4RN7T61_kXID_hZR0eDnTYJGXFBKK55CKXukYcufqumA0siIown29Gwb37b9gxBFhC6oJH&videoID=639404&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&c_v=1838_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:39 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 198A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1578636805&plat=0%3A32%2C1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579120598890&bpp=2&bdt=290&idt=147&shv=r20200109&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7451222293285&frm=20&pv=2&ga_vid=951501729.1579120599&ga_sid=1579120600&ga_hid=494904638&ga_fc=0&iag=0&icsg=149533625425920&dssz=53&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C21065275%2C21065346&oid=3&pvsid=4225047959211155&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=658
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200109/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1578636805&plat=0%3A32%2C1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579120598890&bpp=2&bdt=290&idt=147&shv=r20200109&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7451222293285&frm=20&pv=2&ga_vid=951501729.1579120599&ga_sid=1579120600&ga_hid=494904638&ga_fc=0&iag=0&icsg=149533625425920&dssz=53&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C21065275%2C21065346&oid=3&pvsid=4225047959211155&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=658
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Jan 2020 20:36:39 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 15-Jan-2020 20:51:39 GMT; path=/; domain=.doubleclick.net; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 15 Jan 2020 20:36:39 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200109/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab856b5203ff7aae954d0d3f1a80b52429a622f64462321b99bcde9025aea23f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1578932829520665"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28669
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:39 GMT
/
audit.quantcast.mgr.consensu.org/ 		80 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1579120599597;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F;;;;;p,off,false,,1,en,28,183,true,false,false;displayConsentUi:mandatory,
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Fri, 12 Jul 2019 20:41:20 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
vary
Origin
age
47323
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Uwbx43jnOPaKl5GQzFx5qbPFGrzrVwFJX6C4VSXoQ1cpo1e40W1bFQ==
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
db80755b844fe96e5b4f65ab72706800012045f18acc568e412fb668b32456c2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:39 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
908
jquery.color-2.1.2.min.js
cluster-na.cdnjquery.com/color/ 		93 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1579120599775&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22bb37902f-37d6-11ea-ba06-c1b0664191a0%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&csVersion=1.21.17&clearThroughOptions=undefined
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.34.196 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-34-196.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
994a3ec84e51a3e1e75d62761006b88eeeed1192c023ba835b3b14d07cf7c336
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:40 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
ETag
W/"5d-1ImgFey6MAzhHr6Xgbeb8ORR85o"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Charset
utf8
Connection
keep-alive
Content-Length
85
px.gif
ad-delivery.net/ 		43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.40385616694740656
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.17 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-17.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
AmazonS3
age
81851
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Wed, 15 Jan 2020 01:14:24 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
43
x-amz-cf-id
uepSZj9biODgLeS3MRFgE8r031ZXX2MGtIPTWnJkOlYv-MVqwwCKgA==
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame 82B5 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:39 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120599.dop014.lo4.t,1579120599.cds051.lo4.hn,1579120599.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530799
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 82B5 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075647
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame 82B5 		160 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
abe73f199ae0497d55b8f37ad23c5a1aeececdf9d22df7e261c1681317005357
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid
e551b07a-c693-4ed9-8413-44c99dd65955
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 82B5 		150 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
506b3471a129d69b6fedffc9bf4f12b8d23826f8460b775325918d51dce9be14

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:40 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 82B5 		160 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
a5dc0bc1e9a5cc13e68e732abc09a40c86880663cce78a5364837cde57b09f39
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid
7cb8c2d4-5c9c-4e03-a1ed-cff807874857
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 82B5 		44 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22594da7a8%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=594da7a8-7be6-4d8a-83a0-e018b34d2c65&pv=594da7a8-7be6-4d8a-83a0-e018b34d2c65&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
baf26fb67a99412ea53f06cb96a51e8aaa29b8a214846ab861c4099355128c4c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:40 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		128 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4225047959211155&correlator=2219443173515854&output=ldjh&impl=fifs&adsid=NT&vrg=2020010202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200115&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1578636805&dt=1579120600002&dlt=1579120598600&idt=691&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C11408%2C322%2C1131%2C9977%2C11914%2C1656&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&dssz=53&icsg=149533625425920&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x11914%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=951501729.1579120599&ga_sid=1579120600&ga_hid=494904638&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a655d8f1afec2516ac82db7e64c93c930bba6fd5ad738e3682c92019d8faee55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38510
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,4893662829,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138254592126,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020010202.js
securepubads.g.doubleclick.net/gpt/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020010202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
95b5758dc1241c8b7174a9232cbf7d7b15bd9808a7f1409f3aaf03ce07c23696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jan 2020 21:05:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24366
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:40 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
bc2
bc-rtb-dub.springserve.com/ Frame 82B5 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=594da7a8-7be6-4d8a-83a0-e018b34d2c65-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/ 		281 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-119"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 15 Jan 2020 20:36:40 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
/
graph.facebook.com/ 		315 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_7o3m0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9c324bf76b4e9f1088abbf0b81a78bbf73e85c40bf0245e8799fdf09169047c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Wed, 15 Jan 2020 20:36:40 GMT, Wed, 15 Jan 2020 20:36:40 GMT
x-fb-rev
1001607734
alt-svc
h3-24=":443"; ma=3600
content-length
206
pragma
no-cache
x-fb-debug
JpCbptVtziGQAEIJM7pglzlUFZsKUV5/uZqGze1X+i3R1yEx2Dqp3T/qW5HhPhgX+wVwXak27UoOnqgczNwnVQ==
x-fb-trace-id
HPudOrVamht
etag
"ddfca135225aa1a8f386198e5b2730b36d44e5f3"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AAgOmx3CDjClffcKpycWkvY
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.11
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&jsonp=_ate.cbs.rcb_gpg90
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
14c69eb3655f8fae37ce0c2be948d6fa8181f575b8b6b3756e658514426df2bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
1749
x-xss-protection
1; mode=block
x-served-by
cache-fra19169-FRA
x-moose
majestic
server
snooserv
x-timer
S1579120600.280434,VS0,VE149
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
/
graph.facebook.com/ 		153 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_iv2a0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb661fcce7ca25419bc22b0f7809fbfb4bd9f4dc65c7f67564a8ee98f7d1ddbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Wed, 15 Jan 2020 20:36:40 GMT, Wed, 15 Jan 2020 20:36:40 GMT
x-fb-rev
1001607734
alt-svc
h3-24=":443"; ma=3600
content-length
153
pragma
no-cache
x-fb-debug
XQERThF2Ygtbi5BWSnjZV0pbKq7dclWdezeqHVpe+f1jqKEJiS8U4TVerPjtesRz483UBf8HnDRLdA34VWIREA==
x-fb-trace-id
FBXpcGUgkpf
etag
"ebc974c20c72055e51edbc1c91e7cbc1765ada17"
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Arx-ajBk0PSIWEapV3QNCtj
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.11
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&jsonp=_ate.cbs.rcb_fjro0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
2b745d31b7d034bf9e1d941f92af88ce4a99e94016d6c1858332e52a98d7e732
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-fra19169-FRA
x-moose
majestic
server
snooserv
x-timer
S1579120600.280416,VS0,VE117
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
c
c.pub.network/ 		36 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
eb1b0bcf7330607a722d5c3293f24020f2b65621ffe2d03961d5cba2e126b5df

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:40 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
i
vid-io.springserve.com/vd/ Frame 82B5 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=594da7a8&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
213007
search.spotxchange.com/vast/2.0/ Frame 4B18 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/213007?VPAID=js&content_page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&cb=0766d7c50e775a6021cf1579120600635&player_width=834&player_height=470&schain=1.0,1!connatix.com,102734,1,,,,&us_privacy=&spotx_inapp=1
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:40 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.001890
X-SpotX-Timing-SpotMarket
0.025155
X-SpotX-Timing-Page-Mux
0.000286
X-SpotX-Timing-Page-Require
0.000396
X-fe
076
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000042
Content-Length
76
X-SpotX-Timing-Page
0.031589
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000483
Last-Modified
Wed, 15 Jan 2020 20:36:40 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.025155
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
X-SpotX-Timing-Page-Misc
0.003321
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
155a8162f12ac4d9ed25f66a92b14f09a5575ea7b976e2b653f15f727a3a6ed2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:40 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
898
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2BC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 15 Jan 2020 20:21:25 GMT
expires
Thu, 14 Jan 2021 20:21:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
915
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 15 Jan 2020 20:21:25 GMT
expires
Thu, 14 Jan 2021 20:21:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
915
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D6E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 15 Jan 2020 20:21:25 GMT
expires
Thu, 14 Jan 2021 20:21:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
915
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E511 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 15 Jan 2020 20:21:25 GMT
expires
Thu, 14 Jan 2021 20:21:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
915
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 32B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseLJwsIeEijQrhT7YNdkHaf6t7adJVYDfcwYbpMWS-8rN0ajZMfWrrXfWh8X9eStjus9zfL3m8aspgg_YqL6l28KKuYFndHPCJ8WjrjkrMJR1_R2RlqQ8u90ExwjKKKvem6m3VG6zlngi6iZH37RfkIsrSPbUeV1DnT5XGL6jTk8jmLqkK5Wco7WC-VQKo-5V7p_FW-bSXrI0O-g57BwsJEd-8x4pkboENX8vEIdMk71rR01t-sAiXJIgEjPgSCJnxxRI7Iwayxze2gQ-KeEx_H4UuujDQGCwU&sig=Cg0ArKJSzPCko6GIyq-gEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Jan 2020 20:36:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 32B8 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1cc73be67c45f1d36abb78716c77a65fda71878207fc1bb6e7431498f6d270c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1578932829520665"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28350
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:40 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9820 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 15 Jan 2020 20:21:25 GMT
expires
Thu, 14 Jan 2021 20:21:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
915
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011912050130240/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
9502
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7140
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 17:58:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d61e8113ad0598ef"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 17:58:18 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011912050130240/ Frame 01D5 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
13504
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55703
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 16:51:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d665c0313f255e6"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 16:51:36 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame 01D5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-ad-exit-0.1.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18933
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5590
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 15:21:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"725cf1b04be851c6"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 15:21:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame 01D5 		152 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
13494
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41415
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 16:51:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66b88e0b1300c1e3"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 16:51:46 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame 01D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-fit-text-0.1.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
19005
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1398
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 15:19:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0b9648fcbc3c015a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 15:19:55 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame 01D5 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-form-0.1.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18917
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14335
x-xss-protection
0
server
sffe
date
Wed, 15 Jan 2020 15:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e120bec091dd60ce"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 15:21:23 GMT
css
fonts.googleapis.com/ Frame 01D5 		4 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Jan 2020 20:36:40 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 15 Jan 2020 20:36:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:40 GMT
css
fonts.googleapis.com/ Frame 01D5 		4 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Jan 2020 20:36:40 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 15 Jan 2020 20:36:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:40 GMT
truncated
/ Frame 01D5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
012d6e197386f9ec90f8805f2e87a6c5650f29a6e208d1c8971937c78c9b1eae

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ Frame 32B8 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_ZDVDRWFZWUV6TXdxVjNkR3BRM0lGakNNMjdzLzI0NDk3ODMzNDc6MXgx&v=5&s=v31duleo9n6&id=eyJkZnAiOnsiYWQiOjQ0ODMyMDU5MTksImMiOjEzODI1NDU5MjEyNiwibCI6NDg5MzY2MjgyOSwibyI6MjQ0OTc4MzM0NywiQSI6Ii8xNTE4NDE4Ni9ibGVlcGluZ2NvbXB1dGVyXzF4MSIsInkiOjAsImNvIjowLCJzIjoiYmxlZXBpbmdjb21wdXRlcl8xeDEifX0%3D&sb=0&cb=7450706&h=www.bleepingcomputer.com&d=eyJ3aCI6IlpEVkRSV0ZaV1VWNlRYZHhWak5rUjNCUk0wbEdha05OTWpkekx6STBORGszT0RNek5EYzZNWGd4Iiwid2QiOnsibyI6MjQ0OTc4MzM0NywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.155.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-155-10.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9471102736520661391/ Frame 01D5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9471102736520661391/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4qkNGEHAkBWjGpXgkvLTRDT4-P7GMQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3465c2de1ae10c517ca057b01c0aae9d2c9838d30366beb6938ce2304ca04003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 09 Dec 2018 19:45:21 GMT
server
sffe
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5305
x-xss-protection
0
expires
Thu, 14 Jan 2021 20:36:40 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2673019162358891042/ Frame 01D5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2673019162358891042/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qllN0-F6Ru0MWxb-bJbnI9k_PRCvw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
82bf258eef3957c50d203a0123586b9038296ebc016641fcec5dbf7cff7924e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 14 Jan 2020 01:41:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Nov 2018 16:44:34 GMT
server
sffe
age
154509
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27290
x-xss-protection
0
expires
Wed, 13 Jan 2021 01:41:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 01D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcHaQ2HcfXtDuBtSG7_UPofiRiA_3hdP7WuCCi-ftCrCQHxABINrXxTlgu76ug9AKoAHpkK_KA8gBBqkCf9zsw2fYtT7gAgCoAwHIAwqqBMMCT9BuPxPkZo2Gwwbt9SbUi5CuYVGXtM0J3jaMfkRcZX6Bah-FTU4f8ifZ2oIX2kGLZMs_TV2RutRNbL60EzrQBd1aypi4F3itYDBBI2R2J7DfrY-i2jMIvdZ41m25SzzZsgE2t0mTTbsAF2pZ4D7jOF-jy1bQTrFZ2hriLls44q8OuobJuSE7B4muM9N9l5OrHrOpxe4Tks4wj074rKakSJLdafy5vNHoD-JEnTQmwXatRfgMMCdqCxX1h3uuVycTFSRXPxo8OpAvNcpT4zFhMu7iCFBAie_d5_MC7NCSnmyjE9w25vKAeaVmpFNlJyY8p3rbbN_M_byS8zVUvj79o0tjeglEgGQoHy8oLZ5mCU1QTt1t18TWwEVhEopv7RHUQIpBFZrZ2yUksJV79BVQT_knCoMOC1J0a9MJboLDPvQf5nTABKLPi7isAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAf_7tA1qAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBCavwfSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPICwHYEwI&sigh=0spAcJtM46Y&template_id=492&tpd=AGWhJmsIi10CssaNhRM0ABGzQ6QUnDPrQM8vHIwUVfOiulkO7A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01D5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 11:08:58 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
34062
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 16 Jan 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01D5 		295 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 11:08:48 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
34072
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 16 Jan 2020 11:08:48 GMT
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame FF20 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120600.dop014.lo4.t,1579120600.cds051.lo4.hn,1579120600.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530798
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 01D5 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 09 Jan 2020 00:21:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
591316
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 08 Jan 2021 00:21:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 01D5 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 13 Jan 2020 20:02:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
174848
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Tue, 12 Jan 2021 20:02:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 01D5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date
Wed, 15 Jan 2020 20:36:40 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
c
c.pub.network/ 		36 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
eb1b0bcf7330607a722d5c3293f24020f2b65621ffe2d03961d5cba2e126b5df

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:41 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame FF20 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075648
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame FF20 		160 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0406a183daff0fdc4ba7415b40291a8b042a12da286052926a8870d1c1a1ac43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
7df3139f-1eca-4e7f-b423-6269665ecdbf
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame FF20 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
dadad2e5dcaaaa4050a0d85124da9d7d12c70aa2bf2861e4a70fe5fd40eb8ba5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:41 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame FF20 		160 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
02e887361b9e6e6d1f56c4773766a8b2a82f12fe7bc604402849d2bd1970372c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid
e5ab9c7d-6469-43fe-9062-73f4c9a1ccda
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame FF20 		44 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22f0272ed4%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f0272ed4-08bd-45f3-8031-2ad389f862e9&pv=f0272ed4-08bd-45f3-8031-2ad389f862e9&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
afb56ea7aff3e1ef0e436a0c89d149022d61b20a28cb42e2f55bb6d2cff409d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9471102736520661391/ Frame 01D5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9471102736520661391/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4qkNGEHAkBWjGpXgkvLTRDT4-P7GMQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3465c2de1ae10c517ca057b01c0aae9d2c9838d30366beb6938ce2304ca04003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 09 Dec 2018 19:45:21 GMT
server
sffe
age
1
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
5305
x-xss-protection
0
expires
Thu, 14 Jan 2021 20:36:40 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2673019162358891042/ Frame 01D5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2673019162358891042/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qllN0-F6Ru0MWxb-bJbnI9k_PRCvw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
82bf258eef3957c50d203a0123586b9038296ebc016641fcec5dbf7cff7924e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 14 Jan 2020 01:41:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Nov 2018 16:44:34 GMT
server
sffe
age
154510
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27290
x-xss-protection
0
expires
Wed, 13 Jan 2021 01:41:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01D5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 11:08:58 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
34063
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 16 Jan 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01D5 		295 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 11:08:48 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
34073
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 16 Jan 2020 11:08:48 GMT
bc2
bc-rtb-dub.springserve.com/ Frame FF20 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=f0272ed4-08bd-45f3-8031-2ad389f862e9-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
i
vid-io.springserve.com/vd/ Frame FF20 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=f0272ed4&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce2a0fea70fd21f866c591e155c8827b8c7aec2290ef063f60d39edc5c511ae0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
910
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame AA06 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:41 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120601.dop014.lo4.t,1579120601.cds051.lo4.hn,1579120601.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530797
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
c
c.pub.network/ 		36 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
eb1b0bcf7330607a722d5c3293f24020f2b65621ffe2d03961d5cba2e126b5df

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:41 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame AA06 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075648
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame AA06 		160 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
01959b20ffb42308edc33244076a822d3082a65870b3b07ac22db47d12d87048
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid
ad0cd9cf-b38f-40cc-b4e2-8ba1491a06b7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame AA06 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
a9426bced0788d43c25c048dcbd1af38dab815d33e2eccf58302e495cce53606

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:41 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame AA06 		160 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
719ee23c72e39d0f1de0dead502eb83e5bacb68bcd842f177430c16e7ddc35c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
885726d3-de84-4a08-b9a9-677be9231e06
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame AA06 		44 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22a3b94b4c%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=a3b94b4c-c54a-4efd-b9fd-9ecdd171c6fa&pv=a3b94b4c-c54a-4efd-b9fd-9ecdd171c6fa&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
e70285a8a09eeb424647ce468ec4f2c1251acbe0ba3c6ce332237e765abd0a7d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame AA06 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=a3b94b4c-c54a-4efd-b9fd-9ecdd171c6fa-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
i
vid-io.springserve.com/vd/ Frame AA06 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=a3b94b4c&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7f3c50c4740822ea40e0785389fb371a684a48e793176820d3ac38bb97c68e86

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
905
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame 0C1F 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:41 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120601.dop014.lo4.t,1579120601.cds051.lo4.hn,1579120601.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530797
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0C1F 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075648
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame 0C1F 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
014dead4d2849d7266dd1892a920aebd0d784e3d2dc26a2b4b27bb4575bff31c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid
7a768f1e-f18d-4013-9f67-c9c0ceea9aae
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0C1F 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
480a5c4ff6bf3b83ee450ff0a5273e95db0828ab19e57aed6dc7cd25a6f9e280

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:41 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
trinity.json
apex.go.sonobi.com/ Frame 0C1F 		44 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%220e9afc61%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0e9afc61-254b-4454-8063-655de46a86b0&pv=0e9afc61-254b-4454-8063-655de46a86b0&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
eb106918f8815a6cf58e17b8bbda4538468629a93509a98c2952d3d888ce3ec5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:41 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 0C1F 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
3724c71539d2c196641ba6824b20db8b694d3e71f59b6eb63ac9ffce582343e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
efb16eb6-e68e-46c7-8863-6642a82c60a7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame 0C1F 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=0e9afc61-254b-4454-8063-655de46a86b0-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
i
vid-io.springserve.com/vd/ Frame 0C1F 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=0e9afc61&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
93e6650f0e88e7b9ae30e0f323885b3c6cad998bb165752a287667d629ad0b60

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:42 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
900
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame D1D0 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:42 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120602.dop014.lo4.t,1579120602.cds051.lo4.hn,1579120602.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530796
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame D1D0 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075649
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame D1D0 		160 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5755986e6c2ec6f8dcba61d850bd9871794787945d22d164dd9a33e3080a7920
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid
00856505-e152-4a78-8f74-65219ae79686
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame D1D0 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
826b3467748a5f22dec20cfe0dcbaa77990f69085e25f63ee25574171499944f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:42 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame D1D0 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
9d889b741546b865b09f3b42db4655181e913fc838356f5f954970fb5999a67a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid
f10b6c31-d43d-4339-8584-1fe10fdb8a65
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame D1D0 		44 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22526c8018%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=526c8018-00b7-43f3-95ca-a7e5126079b3&pv=526c8018-00b7-43f3-95ca-a7e5126079b3&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
0489ff023fef2455f4f6d9a25f2fb23bc59be9e4877a55c5d89791a6368d9de8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:42 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame D1D0 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=526c8018-00b7-43f3-95ca-a7e5126079b3-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
i
vid-io.springserve.com/vd/ Frame D1D0 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=526c8018&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
725d7f69918d06acd1e7c9788a28f5d16aeecd7c65386c17681b1a31090a38a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:42 GMT
Content-Encoding
gzip
Server
nginx
transfer-encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame 1059 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:42 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120602.dop014.lo4.t,1579120602.cds051.lo4.hn,1579120602.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530796
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
tracking.png
trk.connatix.com/ Frame 4B18 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:253,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:326,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:333,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:428,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:843,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=533acef647a4555a7c551579120602455&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&c_v=1838_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:42 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
c
c.pub.network/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:42 GMT
Access-Control-Allow-Credentials
true
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1059 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075649
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame 1059 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
9c51ebde460afef5e24fbb9b218907b3ed17defa92515cef1cea3344f8d2d921
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid
195ec074-a072-4d97-a996-b10745530593
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1059 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
d060bda92e3f4fca2498854d02a5bae2060734f13ed6a418adef28f8e60f6283

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:42 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 1059 		160 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
ad786cfc99c7bafd6583961542ee04324d564f5f15b61c1717b98f012869526c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
e710caa7-3479-40fb-8862-8668b6f25b5e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 1059 		44 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22ca326192%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=ca326192-9804-4291-a80b-0122fb9c01e1&pv=ca326192-9804-4291-a80b-0122fb9c01e1&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6d6ba56847c2fd8f96549c14ff9e0d2545fd0615e0c9f7f6d45c69ba9e2ed98f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:42 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame 1059 		20 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=ca326192-9804-4291-a80b-0122fb9c01e1-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
/
ima3vpaid.appspot.com/ Frame 1059 		994 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1579120602407%26ord%3D1579120602407&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f854a5ec9d344b191c52029f50f958b63fa09369418a4f939dc07ec928c9c34a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 15 Jan 2020 20:36:42 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
b4e2dc25cb388cc34cf0226041655ecb
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
556
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame D92C 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1579120602407%26ord%3D1579120602407&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
253ec34929e04bb2b170dee5c2b82bb9885d3cc203b473aa14fe4264ed872d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Jan 2020 19:56:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14298
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:51:43 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D92C 		270 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1579120602407%26ord%3D1579120602407&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c0c7bd5bf25a1c21a2888bc53f59d9d4cb707404d652e07f8da499b0cf4ccf0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
93875
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:43 GMT
bridge3.360.0_en.html
imasdk.googleapis.com/js/core/ Frame 0EC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.360.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.360.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196427
date
Wed, 15 Jan 2020 05:20:23 GMT
expires
Thu, 14 Jan 2021 05:20:23 GMT
last-modified
Wed, 15 Jan 2020 05:10:44 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
54980
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame D92C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Wed, 15 Jan 2020 20:36:43 GMT
integrator.js
adservice.google.com/adsid/ Frame D92C 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
truncated
/ Frame D92C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame D92C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.360.0&e=189176001&id=ima_html5&c=2114141117825043&domain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:43 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io.springserve.com/vd/ Frame 1059 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=ca326192&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame 4B18 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2fed48635c22561e220f33146ded90ed321cf91dabc264cd8d922c69b0ce7feb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Wed, 15 Jan 2020 20:36:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
919
vpaid_2d0ef349.js
vpaid.springserve.com/production/ Frame 312E 		421 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:43 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 17:06:38 GMT
server
AmazonS3
x-amz-request-id
4462617E6E77E777
etag
"53a89f9184b1b0306557f2639fb3f7b7"
x-hw
1579120603.dop014.lo4.t,1579120603.cds051.lo4.hn,1579120603.cds093.lo4.c
content-type
application/javascript
status
200
cache-control
max-age=2530795
accept-ranges
bytes
access-control-allow-origin
*
content-length
96293
x-amz-id-2
YtB7IxMy761b+ZQ01Leghcw5CTE/aXIoh/R709XjUC5iamw6cizvMwnPGpwsbnDQiDoasB4hqVw=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 312E 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 03 Jan 2020 09:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1075650
status
200
strict-transport-security
max-age=15552000
content-length
7868
x-amz-id-2
mDnFnlHRCvuYA+U0w8cOG7XFhvL69cXSi57rYnFAQghb7jk9cR0uYZZGRUtJdQABVx3NVSF8oD8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
402B682C8C6F4031
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges
bytes
content-type
application/javascript
prebid
ib.adnxs.com/ut/v3/ Frame 312E 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
c1622dcb2efceca2f6a39f26a0d3342ea8d126e0d8816589779dc1900b91dee3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid
179c9a03-a47f-4d1c-80bb-b41c3f35a912
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 312E 		150 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
ef3752d43c87ebab47c00beac925bef166fe4168f4ddce6fe0c21a0790da59f8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:43 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
150
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 312E 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b09d7cd58b704b5997909fbafa65fa805df3934e69c38f56039344c6d592eca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
X-Proxy-Origin
77.243.177.40; 77.243.177.40; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid
2575e127-87af-4a19-96a0-3ecdad07af5a
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 312E 		44 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker={%22e0698a0b%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e0698a0b-47db-4924-a1dd-b709e147bae9&pv=e0698a0b-47db-4924-a1dd-b709e147bae9&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
8b62d70599131c862a9abeb3484f96b90d3c45c57fcec4e2c8375537fab6fb93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:43 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
75
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame 312E 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=e0698a0b-47db-4924-a1dd-b709e147bae9-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ece895b66f51d3228d73a6a39748f782501ded082e44299ad0c128c0d416850

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Jan 2020 20:36:44 GMT
Content-Encoding
gzip
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2443
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER]
ad.doubleclick.net/ddm/pfadx/N428001.3027484BASISDSP/B23318004.258997655;sz=0x0;u=239650%7C5e1f77dc3b25bd6e01ea0004%7C%7Cbleepingcomputer.com%7CESTA002CP+%5BVCR%5D+GT+%28United+Kingdom%29+-+Video_C... Frame 312E 		34 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N428001.3027484BASISDSP/B23318004.258997655;sz=0x0;u=239650%7C5e1f77dc3b25bd6e01ea0004%7C%7Cbleepingcomputer.com%7CESTA002CP+%5BVCR%5D+GT+%28United+Kingdom%29+-+Video_CP%7CWEB%7C1194248;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER]
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
09f275f1b41cd2ad756117ebf3edaa38324e036c5aa6718964a8b4e745dcc005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 15 Jan 2020 20:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8867
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rv
springserve-d.openx.net/v/1.0/ Frame 312E 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://springserve-d.openx.net/v/1.0/rv?t=mute&ts=2DAABBgABAAECAAIBAAsAAgAAAVEcGAoxSkptVGJSY3QwHBb_zpWxmJaEk-wBFrn8nL6zhYK3_AEAHBbmmOrI_vKEkE0W8766ga3iwduoAQAWuN_74QsVBgAsHBUCABwVAgAcFQIAABwmltmZgwQVBhUGJuLYmYMEFuDJmYMEEcb-ahb-ahb-ahbUNBbUNBbUNBbUNBb0gAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWjtqYgAQWoJOrgAQWuoPsgwQWsLXygAQVGBwUwAcUgAoAFQQm9IABFvSAARb0gAERNQ4ALCwWhLHKjM-14YRcFvGhmu-y-tDnmQEAFrjf--ELBiiO2piABBagk6uABBawtfKABBa6g-yDBBgHMzYxNjU5Mhbq3wEW9IABJQQW9hUYBjExMjA1MxUClsrRhgMRKAJPWAx6FAEUAQAoBXZpZGVvgQAMPDgHY2JwLmdvdgAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
via
1.1 google
server
OXGW/16.173.0
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 312E 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-4g5edns6.c.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/acao,ctier,expire,id,ip,ipbits,itag,mip,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r4---sn-4g5edns6.c.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/acao,ctier,expire,id,ip,ipbits,it...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5edns6.c.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/acao,ctier,expire,id,ip,ipbits,itag,mip,mm,mn,ms,mv,mvi,pl,source/signature/757E8D6890DCB954950F35F76EBB2F7F80CDCADE.1D4FB4033D28912BD04EA895E4619D447E3F3F79/key/cms1/cms_redirect/yes/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns6/ms/onc/mt/1579120528/mv/m/mvi/3/pl/47/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:6d::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8fd42efdbe5b2b76b222cf5c5be1552758080212eaa58f9c74e68695fd3ff979
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Oct 2019 16:11:00 GMT
Server
gvs 1.0
Content-Type
video/mp4
Content-Range
bytes 0-1106296/1106297
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length
1106297
Expires
Wed, 15 Jan 2020 20:36:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
server
ClientMapServer
status
302
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5edns6.c.2mdn.net/videoplayback/id/14b965e19bfffcac/itag/18/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3716899861/sparams/acao,ctier,expire,id,ip,ipbits,itag,mip,mm,mn,ms,mv,mvi,pl,source/signature/757E8D6890DCB954950F35F76EBB2F7F80CDCADE.1D4FB4033D28912BD04EA895E4619D447E3F3F79/key/cms1/cms_redirect/yes/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns6/ms/onc/mt/1579120528/mv/m/mvi/3/pl/47/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
642
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rv
springserve-d.openx.net/v/1.0/ Frame 312E 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://springserve-d.openx.net/v/1.0/rv?t=creativeView&ts=2DAABBgABAAECAAIBAAsAAgAAAVEcGAoxSkptVGJSY3QwHBb_zpWxmJaEk-wBFrn8nL6zhYK3_AEAHBbmmOrI_vKEkE0W8766ga3iwduoAQAWuN_74QsVBgAsHBUCABwVAgAcFQIAABwmltmZgwQVBhUGJuLYmYMEFuDJmYMEEcb-ahb-ahb-ahbUNBbUNBbUNBbUNBb0gAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWjtqYgAQWoJOrgAQWuoPsgwQWsLXygAQVGBwUwAcUgAoAFQQm9IABFvSAARb0gAERNQ4ALCwWhLHKjM-14YRcFvGhmu-y-tDnmQEAFrjf--ELBiiO2piABBagk6uABBawtfKABBa6g-yDBBgHMzYxNjU5Mhbq3wEW9IABJQQW9hUYBjExMjA1MxUClsrRhgMRKAJPWAx6FAEUAQAoBXZpZGVvgQAMPDgHY2JwLmdvdgAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
via
1.1 google
server
OXGW/16.173.0
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
jsvid
pixel.adsafeprotected.com/ Frame 312E 		203 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=bb3f0bc956b5e6cd7a86f2b1c8e2569b&anId=926608&placementId=514171&impId=e0698a0b-47db-4924-a1dd-b709e147bae9&planId=decl_d=bleepingcomputer.com|decl_w=640|decl_h=480|det_d=www.bleepingcomputer.com|det_w=834|det_h=469|advId=962|a_cc=s.514171-d.528021-dc.73338_s.401172-a.733-d.530025-ias.1|ssid=91caa406-44a5-42ee-b2b3-91ba2e3ebd68|country=GB
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
868445991cf301f6b70acc20e52f9ff54a245ecb7a04d209c5b621b5bcc24fd9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
Content-Encoding
gzip
X-Server-Name
app60ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
score.min.js
js.ad-score.com/ Frame 312E 		276 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e17adc65e5c03cac7a52854e68d04810afcb3e640dc4429643dc91904fa421f9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 19:26:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Jan 2020 19:26:25 GMT
age
4219
access-control-allow-methods
GET
content-type
application/javascript
status
200
alt-svc
clear
cache-control
public, max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
access-control-allow-origin
*
content-length
96182
via
1.1 google
expires
Thu, 16 Jan 2020 19:26:25 GMT
i
vid-io.springserve.com/vd/ Frame 312E 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=e0698a0b&ps_id=514171&batch=1&imp=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
i
vid-io.springserve.com/vd/ Frame 312E 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=e0698a0b&ps_id=514171&batch=2
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
i
ipds.adrta.com/ Frame 312E
Redirect Chain
  • https://adrta.com/i?clid=ss&paid=ss&dvid=v&cb=1579120604023&avid=112053&caid=1194248&publisherId=540226160&kv5=&plid=3616592&segment=12121&kv4=77.243.177.40&kv14=&kv1=large_vid&siteId=540227121&kv7...
  • https://ipds.adrta.com/i?__x=MLCJKHEIMMCIHBEBLGIFEPPEIOKJIMKKNIMAGJLQHGGNFJMMPBHJNOKELONKOPGKJGQGHBIKMNFJGKGLNNM@PMHHHHGNNMGEOIOFKEHBFLOOGGENGIOPNAE@HBE&clid=ss&paid=ss&dvid=v&cb=1579120604023&avid...
0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipds.adrta.com/i?__x=MLCJKHEIMMCIHBEBLGIFEPPEIOKJIMKKNIMAGJLQHGGNFJMMPBHJNOKELONKOPGKJGQGHBIKMNFJGKGLNNM@PMHHHHGNNMGEOIOFKEHBFLOOGGENGIOPNAE@HBE&clid=ss&paid=ss&dvid=v&cb=1579120604023&avid=112053&caid=1194248&publisherId=540226160&kv5=&plid=3616592&segment=12121&kv4=77.243.177.40&kv14=&kv1=large_vid&siteId=540227121&kv7=4&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=5e1f77dc3b25bd6e01ea0004&kv3=&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_6%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F79.0.3945.88+Safari%2F537.36&kv29=[ERRORCODE]&kv30=[CONTENTPLAYHEAD]_[ADPLAYHEAD]&kv33=[ASSETURI]&kv34=[VASTVERSIONS]&kv35=[IFATYPE]&kv36=[IFA]&kv37=[CLIENTUA]&kv38=[SERVERUA]&kv39=[DEVICEUA]&kv40=[DEVICEIP]&kv41=[LATLONG]&kv42=[DOMAIN]&kv44=autoplay&kv45=[PLAYERSIZE]&kv46=[REGULATIONS]&kv47=[ADTYPE]&kv48=[TRANSACTIONID]&kv49=[BREAKPOSITION]&kv51=[PLACEMENTTYPE]&kv54=[LAT]&kv2=http%3A%2F%2Fbleepingcomputer.com%2F&kv43=[PAGEURL]&kv50=[APPNAME]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.14.65 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-14-65.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Wed, 15 Jan 2020 20:36:45 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips
content-length
0

Redirect headers

status
302
date
Wed, 15 Jan 2020 20:36:44 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips
content-length
0
location
https://ipds.adrta.com/i?__x=MLCJKHEIMMCIHBEBLGIFEPPEIOKJIMKKNIMAGJLQHGGNFJMMPBHJNOKELONKOPGKJGQGHBIKMNFJGKGLNNM@PMHHHHGNNMGEOIOFKEHBFLOOGGENGIOPNAE@HBE&clid=ss&paid=ss&dvid=v&cb=1579120604023&avid=112053&caid=1194248&publisherId=540226160&kv5=&plid=3616592&segment=12121&kv4=77.243.177.40&kv14=&kv1=large_vid&siteId=540227121&kv7=4&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=5e1f77dc3b25bd6e01ea0004&kv3=&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_6%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F79.0.3945.88+Safari%2F537.36&kv29=[ERRORCODE]&kv30=[CONTENTPLAYHEAD]_[ADPLAYHEAD]&kv33=[ASSETURI]&kv34=[VASTVERSIONS]&kv35=[IFATYPE]&kv36=[IFA]&kv37=[CLIENTUA]&kv38=[SERVERUA]&kv39=[DEVICEUA]&kv40=[DEVICEIP]&kv41=[LATLONG]&kv42=[DOMAIN]&kv44=autoplay&kv45=[PLAYERSIZE]&kv46=[REGULATIONS]&kv47=[ADTYPE]&kv48=[TRANSACTIONID]&kv49=[BREAKPOSITION]&kv51=[PLACEMENTTYPE]&kv54=[LAT]&kv2=http%3A%2F%2Fbleepingcomputer.com%2F&kv43=[PAGEURL]&kv50=[APPNAME]
aid:5e1f77dc3b25bd6e01ea0004;c:AAABb6rsM5ebJMM3wECaVTZnJZC9AFRNRo7lcg;s:;cid:1194248;ts:1579120604023
node-uk-zahhu3.sitescout.com/openx/px/ Frame 312E 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-zahhu3.sitescout.com/openx/px/aid:5e1f77dc3b25bd6e01ea0004;c:AAABb6rsM5ebJMM3wECaVTZnJZC9AFRNRo7lcg;s:;cid:1194248;ts:1579120604023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.27 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control
max-age=0,no-cache,no-store
Connection
close, close
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
us-u.openx.net/w/1.0/ Frame 312E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&wb=1&hdid=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:45 GMT
via
1.1 google
server
OXGW/16.173.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 15 Jan 2020 20:36:45 GMT
via
1.1 google
server
OXGW/16.173.0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
springserve
rtb-europe-west1.openx.net/win/ Frame 312E 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-europe-west1.openx.net/win/springserve?p=6.847&t=2DAABBgABAAECAAIBAAsAAgAAAVEcGAoxSkptVGJSY3QwHBb_zpWxmJaEk-wBFrn8nL6zhYK3_AEAHBbmmOrI_vKEkE0W8766ga3iwduoAQAWuN_74QsVBgAsHBUCABwVAgAcFQIAABwmltmZgwQVBhUGJuLYmYMEFuDJmYMEEcb-ahb-ahb-ahbUNBbUNBbUNBbUNBb0gAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWjtqYgAQWoJOrgAQWuoPsgwQWsLXygAQVGBwUwAcUgAoAFQQm9IABFvSAARb0gAERNQ4ALCwWhLHKjM-14YRcFvGhmu-y-tDnmQEAFrjf--ELBiiO2piABBagk6uABBawtfKABBa6g-yDBBgHMzYxNjU5Mhbq3wEW9IABJQQW9hUYBjExMjA1MxUClsrRhgMRKAJPWAx6FAEUAQAoBXZpZGVvgQAMPDgHY2JwLmdvdgAAAA&ph=514f901f-2114-42f1-94ca-d19baee8f0ec&vtqe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.44.144 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
144.44.241.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:44 GMT
via
1.1 google
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
alt-svc
clear
content-length
43
x-request-id
eqgoj69t18bn0034kiplu5f52p659t8v
pragma
no-cache
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 312E 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJV-YFWlJDA5tL3CJ3Y9jlfT-_XWHX59-lfrRb3rZjNtscF-rx9rR3e_zC4KSzMTuWcltgXg7jW8ndwjtDd8s0zHSZO4-BBZjxtZBAiB1Nmi5ljnBke4GmtyHVxlp44EmIfxQv2LAxq7H3VeZHgUhd_D6O&sig=Cg0ArKJSzFqhRX8d7PATEAE&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
1194248
node-uk-zahhu3.sitescout.com/vastEvent/start/5e1f77dc3b25bd6e01ea0004/ Frame 312E 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-zahhu3.sitescout.com/vastEvent/start/5e1f77dc3b25bd6e01ea0004/1194248
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.27 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,no-cache,no-store
Connection
close
Content-Length
0
Expires
Tue, 11 Oct 1977 12:34:56 GMT
rv
springserve-d.openx.net/v/1.0/ Frame 312E 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://springserve-d.openx.net/v/1.0/rv?t=start&ts=2DAABBgABAAECAAIBAAsAAgAAAVEcGAoxSkptVGJSY3QwHBb_zpWxmJaEk-wBFrn8nL6zhYK3_AEAHBbmmOrI_vKEkE0W8766ga3iwduoAQAWuN_74QsVBgAsHBUCABwVAgAcFQIAABwmltmZgwQVBhUGJuLYmYMEFuDJmYMEEcb-ahb-ahb-ahbUNBbUNBbUNBbUNBb0gAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWjtqYgAQWoJOrgAQWuoPsgwQWsLXygAQVGBwUwAcUgAoAFQQm9IABFvSAARb0gAERNQ4ALCwWhLHKjM-14YRcFvGhmu-y-tDnmQEAFrjf--ELBiiO2piABBagk6uABBawtfKABBa6g-yDBBgHMzYxNjU5Mhbq3wEW9IABJQQW9hUYBjExMjA1MxUClsrRhgMRKAJPWAx6FAEUAQAoBXZpZGVvgQAMPDgHY2JwLmdvdgAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
via
1.1 google
server
OXGW/16.173.0
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 312E 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 4B18 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 20:36:44 GMT
via
1.1 varnish, 1.1 varnish
age
12170823
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 2
accept-ranges
bytes
x-timer
S1579120605.675663,VS0,VE0
access-control-allow-origin
*
content-length
23507
x-served-by
cache-sjc3139-SJC, cache-hhn4060-HHN
i
vid-io-dub.springserve.com/vd/ Frame 4B18 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/vd/i?event=vast_flash_impression
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.141.200 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-141-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 20:36:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
p2
sb.scorecardresearch.com/ Frame 4B18
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1579120604639&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.39.228 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-39-228.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1579120604638&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1579120604639&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
impression
trk.connatix.com/ 		338 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.connatix.com/impression?c_aid=15447&c_mt=application%2Fjavascript&connatix_sess=wp9DFi6yNmh_br8-aAmKdH2bkMvlc0PbvoRo3x32BJLftYX4SDouY3-99ij7QI8YfvRE2eGKuyHflGp5GQu2xLRKCMiofykT8U0wLVlKcM96BuflwirG6jbX6R4RN7T61_kXID_hZR0eDnTYJGXFBKK55CKXukYcufqumA0siIown29Gwb37b9gxBFhC6oJH&c_ph=470&c_pw=834&c_vid=639404&c_wt=816&c_wc=7&c_rc=7&c_tad=2&c_adp=1&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&id_va=a2ad0420070f5edcf5311579120604655&c_v=1838_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&spp=1&xplt=true&callback=cnxJSONP_48df9f231a597df8f3801579120604655
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
c319af5c5ca7ff390c1791b8592111f52e080ac99f076efa1ab36c518adccd05

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:44 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
305
cors
data.ad-score.com/data/ Frame 312E 		42 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iMpepnNGRfMLiqucDslldXkgVVxOCvuf-EU/fPs5udVrnKD8b33LOFk7ENA==-E0/GNcxmbVHqMw==&pm_ct=34afcc7e5cd28f1e32913333&pm_pl=1579120604712&pm_td=17&pid=1000426&en=1&callback=__pm_glbl_hEcRgfatsvIPtdtP8PpVQ2Tc._gc1&tt=if&v=bf7ffc2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
11b87f97f383be16feacaf42c1eca02ff7bb7a4a45562f538d80d92f021de2eb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:45 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
42
a908585c-e5ce-4225-bd15-9b2db54ee42e
https://www.bleepingcomputer.com/ Frame 312E 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bleepingcomputer.com/a908585c-e5ce-4225-bd15-9b2db54ee42e
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
x.html
js.ad-score.com/ Frame C599 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000426
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
js.ad-score.com
:scheme
https
:path
/x.html?pid=1000426
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
date
Wed, 15 Jan 2020 19:26:29 GMT
content-type
text/html; charset=utf-8
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
last-modified
Wed, 15 Jan 2020 19:12:30 GMT
via
1.1 google
content-length
5138
age
4215
cache-control
public, max-age=86400
alt-svc
clear
truncated
/ Frame 312E 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/ Frame 312E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iMpepnNGRfMLiqucDslldXkgVVxOCvuf-EU/fPs5udVrnKD8b33LOFk7ENA==-E0/GNcxmbVHqMw==&pm_ct=34afcc7e5cd28f1e32913333&pm_pl=1579120604712&pm_td=170&pid=1000426&en=1&callback=__pm_glbl_hEcRgfatsvIPtdtP8PpVQ2Tc._gc2&tt=if&v=bf7ffc2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:45 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 312E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif
sca.17.4.114.js
static.adsafeprotected.com/ Frame FBB1 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-13.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 23:54:57 GMT
content-encoding
gzip
age
160909
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
PR4bFbzmP68p8eTlqEgige0ps5IrlZje1AV16puo00GF-ha2wpCZiw==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926608&asId=cce7d980-86eb-5cb7-30e4-480fa05ddd7a&tv={c:1p7OPJ,pingTime:-8,time:32,type:l,vv:3.5.0,es:0,sc:1,ha:1,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:32,n:0,pp:0,pm:0},slEvents:[{sl:o,t:30,wc:0.0.1600.1200,ac:215.1888.834.469,am:v,cc:215.1888.834.469,piv:0,obst:0,th:0,reas:l,bkn:{piv:[21~0],as:[21~834.469]}}],slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:0,fm:rNGd83R+11|12|13|14|15|16|171|172|173|174|1811|1812|1813|1814|191|192|193|194|1a1|1a2|1a3|1a4|1b|1c11|1c12|1c13|1c14|1d|1e*.926608|1e1|1e2|1e3,idMap:1e*,rend:1,renddet:env,rmeas:1}&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.174.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-174-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:45 GMT
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=bb3f0bc956b5e6cd7a86f2b1c8e2569b&anId=926608&placementId=514171&impId=e0698a0b-47db-4924-a1dd-b709e147bae9&planId=decl_d=bleepingcomputer.com|decl_w=640|decl_h=480|det_d=www.bleepingcomputer.com|det_w=834|det_h=469|advId=962|a_cc=s.514171-d.528021-dc.73338_s.401172-a.733-d.530025-ias.1|ssid=91caa406-44a5-42ee-b2b3-91ba2e3ebd68|country=GB&adsafe_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attacking-businesses%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:cce7d980-86eb-5cb7-30e4-480fa05ddd7a,c:1p7OPH,sl:outOfView,em:true,fr:true,mn:app60ami,pt:2-5-15,wc:0.0.1600.1200,ac:215.1888.834.469,am:v,cc:215.1888.834.469,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2.grpm2,fm:rNGd83R+11|12|13|14|15|16|171|172|173|174|1811|1812|1813|1814|191|192|193|194|1a1|1a2|1a3|1a4|1b|1c11|1c12|1c13|1c14|1d|1e*.926608|1e1|1e2|1e3,idMap:1e*,pl:,rend:1,renddet:env,rmeas:1,es:0,sc:1,ha:1,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,thd:1,et:31,oid:be818639-37d6-11ea-8ea3-70106fb72980,v:19.8.40,sp:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.5.0,x_vanstag:cm,x_xplac:514171,x_ximp:e0698a0b-47db-4924-a1dd-b709e147bae9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:44 GMT
X-Server-Name
app60ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
cors
data.ad-score.com/data/ Frame 312E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iMpepnNGRfMLiqucDslldXkgVVxOCvuf-EU/fPs5udVrnKD8b33LOFk7ENA==-E0/GNcxmbVHqMw==&pm_ct=34afcc7e5cd28f1e32913333&pm_pl=1579120604712&pm_td=248&pid=1000426&en=1&callback=__pm_glbl_hEcRgfatsvIPtdtP8PpVQ2Tc._gc3&tt=if&v=bf7ffc2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:45 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926608&asId=cce7d980-86eb-5cb7-30e4-480fa05ddd7a&tv={c:1p7OQb,pingTime:-2,time:60,type:a,im:{sf:0,pom:1,prf:{beA:1085,beZ:1091,mfA:1092,cmA:1093,inA:1093,inZ:1100,prA:1100,prZ:1110,si:1116,poA:1118,poZ:1128,cmZ:1128,mfZ:1128,loA:1136,loZ:1137,ltA:1144,ltZ:1144}},sca:{dfp:{df:4,sz:834.469,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:834,h:469,t:30}],ve:{vEventCount:3,vEvents:[{t:-273,tp:adImpression,sl:undefined,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0,x_vv:3.5.0,x_vanstag:cm,x_xplac:514171,x_ximp:e0698a0b-47db-4924-a1dd-b709e147bae9},{t:-272,tp:adVideoStart,sl:o,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0},{t:-269,tp:resizeAd,sl:o,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0,width:834,height:470,viewMode:normal}]},vv:3.5.0,es:0,sc:1,ha:1,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:60,n:0,pp:0,pm:0},slEvents:[{sl:o,t:30,wc:0.0.1600.1200,ac:215.1888.834.469,am:v,cc:215.1888.834.469,piv:0,obst:0,th:0,reas:l,bkn:{piv:[49~0],as:[49~834.469]}}],slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:0,fm:rNGd83R+11|12|13|14|15|16|171|172|173|174|1811|1812|1813|1814|191|192|193|194|1a1|1a2|1a3|1a4|1b|1c11|1c12|1c13|1c14|1d|1e*.926608|1e1|1e2|1e3,idMap:1e*,rend:1,renddet:env,rmeas:1,slid:[vpaid_6ce8c5196a08941005e01579120603818,cnx-ad-slot4ad57a2d12a95bc437ff1579120603817,44234e383a2b2724bfe71579120599437],sinceFw:27,readyFired:true}&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.174.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-174-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:45 GMT
x-server-name
dt38.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
c
c.pub.network/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:45 GMT
Access-Control-Allow-Credentials
true
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926608&asId=cce7d980-86eb-5cb7-30e4-480fa05ddd7a&tv={c:1p7OQJ,time:94,type:e,env:{gcd:{appl:1,cnst:na,glbl:1,mtdt:null}},vv:3.5.0,es:0,sc:1,ha:1,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:94,n:0,pp:0,pm:0},slEvents:[{sl:o,t:30,wc:0.0.1600.1200,ac:215.1888.834.469,am:v,cc:215.1888.834.469,piv:0,obst:0,th:0,reas:l,bkn:{piv:[83~0],as:[83~834.469]}}],slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:0,fm:rNGd83R+11|12|13|14|15|16|171|172|173|174|1811|1812|1813|1814|191|192|193|194|1a1|1a2|1a3|1a4|1b|1c11|1c12|1c13|1c14|1d|1e*.926608|1e1|1e2|1e3,idMap:1e*,rend:1,renddet:env,rmeas:1}&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.174.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-174-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:45 GMT
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cors
data.ad-score.com/data/ Frame 312E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iMpepnNGRfMLiqucDslldXkgVVxOCvuf-EU/fPs5udVrnKD8b33LOFk7ENA==-E0/GNcxmbVHqMw==&pm_ct=34afcc7e5cd28f1e32913333&pm_pl=1579120604712&pm_td=337&pid=1000426&en=1&callback=__pm_glbl_hEcRgfatsvIPtdtP8PpVQ2Tc._gc4&tt=if&v=bf7ffc2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:45 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/ Frame 312E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iMpepnNGRfMLiqucDslldXkgVVxOCvuf-EU/fPs5udVrnKD8b33LOFk7ENA==-E0/GNcxmbVHqMw==&pm_ct=34afcc7e5cd28f1e32913333&pm_pl=1579120604712&pm_td=437&pid=1000426&en=1&callback=__pm_glbl_hEcRgfatsvIPtdtP8PpVQ2Tc._gc5&tt=if&v=bf7ffc2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:45 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926608&asId=cce7d980-86eb-5cb7-30e4-480fa05ddd7a&tv={c:1p7OWn,pingTime:-10,time:444,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022020220000022002222000022220202020222220222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF82KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzkuMC4zOTQ1Ljg4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1579120605346||605c83c75a249b18b4df97c4391e0424||a9cfc38c8c27d8aade7b19701097beda||3c1d763398e2b290eaea917a1173a3d5||d015d9717bd0ec2e0ee7042bbd693110||6bad774be1ab7675947c62b8cb54ea89||9fbee53b5edb5aba1026f3f8afe0ab91||f4c1f6ad7e17b1e62608f4ec4e2fab64||1576000828}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.174.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-174-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:45 GMT
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tracking.png
trk.connatix.com/ Frame 4B18 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:1340,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&c_rbid=[{id:15447,c_wt:39}]&cb=79e20f0d4efd233d266c1579120605455&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&c_v=1838_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:45 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame AEDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Tue, 07 Jan 2020 22:21:23 GMT
Content-Encoding
gzip
Content-Length
7750
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67781
Expires
Thu, 16 Jan 2020 15:26:27 GMT
Date
Wed, 15 Jan 2020 20:36:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9833
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.98.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-98-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
cookie
tluid=17391093314437023125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
date
Wed, 15 Jan 2020 20:36:46 GMT
content-type
text/html; charset=utf-8
content-length
493
set-cookie
sync=CgoIgQIQmfew1_otCgoI4gEQmfew1_otCgoI5gEQmfew1_otCgkICRCZ97DX-i0KCgipARCZ97DX-i0KCQg5EJn3sNf6LQoJCDoQmfew1_otCgkICxCZ97DX-i0KCgjOARCZ97DX-i0KCQgfEJn3sNf6LQ==; Max-Age=7776000; Expires=Tue, 14 Apr 2020 20:36:46 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=17391093314437023125; Max-Age=7776000; Expires=Tue, 14 Apr 2020 20:36:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure tlcookieable=0; Max-Age=0; Expires=Wed, 15 Jan 2020 20:36:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Wed, 15 Jan 2020 20:36:46 GMT
content-length
0
set-cookie
tluid=17391093314437023125; Max-Age=7776000; Expires=Tue, 14 Apr 2020 20:36:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure tlcookieable=0; Max-Age=0; Expires=Wed, 15 Jan 2020 20:36:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 087E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

Last-Modified
Tue, 07 Jan 2020 10:54:20 GMT
ETag
"13006b6-973e-59b8a991d1e73"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14477
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=68823
Expires
Thu, 16 Jan 2020 15:43:49 GMT
Date
Wed, 15 Jan 2020 20:36:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame DBFD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

status
200
date
Wed, 15 Jan 2020 20:36:46 GMT
content-type
text/html
set-cookie
__cfduid=d91504e8071aea7e8c345ea44641136181579120606; expires=Fri, 14-Feb-20 20:36:46 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray
555aa4cc0ef86b4d-LHR
cache-control
s-maxage=1209600, max-age=14400
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 715F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.44.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-83.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 14 Jan 2021 20:36:46 GMT
Date
Wed, 15 Jan 2020 20:36:46 GMT
Connection
keep-alive
i
vid-io.springserve.com/vd/ Frame 312E 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=e0698a0b&ps_id=514171&batch=3
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 15 Jan 2020 20:36:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
1194248
node-uk-zahhu3.sitescout.com/vastEvent/firstquartile/5e1f77dc3b25bd6e01ea0004/ Frame 312E 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-zahhu3.sitescout.com/vastEvent/firstquartile/5e1f77dc3b25bd6e01ea0004/1194248
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.27 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:48 GMT
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,no-cache,no-store
Connection
close
Content-Length
0
Expires
Tue, 11 Oct 1977 12:34:56 GMT
d665e40bc850dd2a
pixel.sitescout.com/iap/ Frame 312E
Redirect Chain
  • https://pixel-a.basis.net/iap/d665e40bc850dd2a
  • https://pixel.sitescout.com/iap/d665e40bc850dd2a
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/d665e40bc850dd2a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 20:36:48 GMT
Cache-Control
max-age=0,no-cache,no-store
Expires
Tue, 11 Oct 1977 12:34:56 GMT
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

Location
https://pixel.sitescout.com/iap/d665e40bc850dd2a
Content-length
0
rv
springserve-d.openx.net/v/1.0/ Frame 312E 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://springserve-d.openx.net/v/1.0/rv?t=firstQuartile&ts=2DAABBgABAAECAAIBAAsAAgAAAVEcGAoxSkptVGJSY3QwHBb_zpWxmJaEk-wBFrn8nL6zhYK3_AEAHBbmmOrI_vKEkE0W8766ga3iwduoAQAWuN_74QsVBgAsHBUCABwVAgAcFQIAABwmltmZgwQVBhUGJuLYmYMEFuDJmYMEEcb-ahb-ahb-ahbUNBbUNBbUNBbUNBb0gAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWjtqYgAQWoJOrgAQWuoPsgwQWsLXygAQVGBwUwAcUgAoAFQQm9IABFvSAARb0gAERNQ4ALCwWhLHKjM-14YRcFvGhmu-y-tDnmQEAFrjf--ELBiiO2piABBagk6uABBawtfKABBa6g-yDBBgHMzYxNjU5Mhbq3wEW9IABJQQW9hUYBjExMjA1MxUClsrRhgMRKAJPWAx6FAEUAQAoBXZpZGVvgQAMPDgHY2JwLmdvdgAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.173.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:48 GMT
via
1.1 google
server
OXGW/16.173.0
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 312E 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyMep1bqG5wIV0Zl3Ch2TtAnVEAAYACDUt4A7;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926608&asId=cce7d980-86eb-5cb7-30e4-480fa05ddd7a&tv={c:1p7PNq,pingTime:-4,time:3733,type:m,clog:[{piv:0,vs:o,r:l,w:834,h:469,t:30}],ve:{vEventCount:4,vEvents:[{t:-273,tp:adImpression,sl:undefined,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0,x_vv:3.5.0,x_vanstag:cm,x_xplac:514171,x_ximp:e0698a0b-47db-4924-a1dd-b709e147bae9},{t:-272,tp:adVideoStart,sl:o,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0},{t:-269,tp:resizeAd,sl:o,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0,width:834,height:470,viewMode:normal},{t:3727,tp:adVideoFirstQuartile,sl:o,ad_duration:15.018667,ad_dimensions:834x470,player_dimensions:0x0,volume:0}]},vv:3.5.0,es:0,sc:1,ha:1,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:3733,n:0,pp:0,pm:0},slEvents:[{sl:o,t:30,wc:0.0.1600.1200,ac:215.1888.834.469,am:v,cc:215.1888.834.469,piv:0,obst:0,th:0,reas:l,bkn:{piv:[3723~0],as:[3723~834.469]}}],slEventCount:1,em:true,fr:true,e:,tt:jsvid,dtt:104,fm:rNGd83R+11|12|13|14|15|16|171|172|173|174|1811|1812|1813|1814|191|192|193|194|1a1|1a2|1a3|1a4|1b|1c11|1c12|1c13|1c14|1d|1e*.926608|1e1|1e2|1e3,idMap:1e*,rend:1,renddet:env,rmeas:1}&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.174.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-174-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 20:36:48 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tracking.png
trk.connatix.com/ Frame 4B18 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?connatix_sess=fz3zJcPi5LtypDsvOOCnH4PIgdwnO_IMjm5ROFPuX_Vw7bZQ9i3f9Kzmuf2zL0BNxyTmfHp9ctvGmSHOOeD4CXti0WGsINNuctCVcaNMlpDZeCGwcD60zZfdQfsLoIrDS7LZQPC4I67t11TBucmumzKHbQ2DCkzCJU7hxUbqdguGKoI3FBioMGoVAyR7Aggm&c_aid=15447&c_vid=639404&cb=ce98b4ec2d4445cc68741579120608658&quartile=1&c_v=1838_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:48 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
qt
trk.connatix.com/ Frame 4B18 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/qt?c_q=1&c_pl=i6d0BBRHRs2GJtDZ1Ga_5dtqtdxdcg4f8UHt4gMkTiSgVOeEUagwSJvYbOdvJG_6sSkfilDxjzwgZpgB9OmHqF1M3Lm6aQldkp-a0H4AHZ9bTK_Fxhp8hXzgFnkHAYF2zi1Qe2i9ZDNlo7-Lc9cglYJ3EYWrUTsiDKvXBSQ6kajQzfkCoKLyxpWYfIlG2SlHlyXbQwlnl9sQ2tIMEpzVoEGb5iKReM81bNVtn0PaCR-8zp9NsNlIQyZfe0gvSJIvfn8mmUZCBjdgQ28VhqNqHg&id_va=a2ad0420070f5edcf5311579120604655&c_v=1838_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fako-ransomware-another-day-another-infection-attackin&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.1.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-1-64.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Jan 2020 20:36:48 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| elem object| scpt function| __cmp object| adsbygoogle function| Blazy object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars string| GoogleAnalyticsObject function| ga object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop object| jQuery1111005992558439384332 function| loadDeferredStyles function| raf function| __uspapi boolean| fifabAlready function| fi_fab object| cnxUmm object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async undefined| _ object| fsdata function| load_script object| googletag object| fsprebid object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| closure_memoize_cache_ function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config string| cnxPageGuid number| spp object| cnxJSONP_8d2b11677f9b8d3990a11579120598927 function| __cmpui function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof function| ownKeys function| _objectSpread function| _defineProperty object| _0x49dc function| _0x38d8 object| BT object| BT_PAGEVIEW_MAP object| blockthrough object| BT_RETRY object| BT_REDIRECT_RULES boolean| __@@##MUH function| fsprebidChunk object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt object| confiant string| btID object| oattr object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| confiantTryToGetConfig function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _atw function| btjsonpcallback1579120599775 object| cnxJSONP_f8d95c7ae627661035eb1579120599457 string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| err__1579120600800 object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| MoatSuperV26 object| closure_lm_420500 object| cnxJSONP_48df9f231a597df8f3801579120604655 function| cnxAddEventListener

16 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.bleepingcomputer.com/ Name: _fsuid
Value: f778df50-cae5-4c04-8b0e-f25b68b2f7bb
.bleepingcomputer.com/ Name: __beaconTrackerID
Value: rj4szmexb
www.bleepingcomputer.com/ Name: _pubcid
Value: d92ddb9b-a3bd-4f97-ae58-d7bad836583f
www.bleepingcomputer.com/ Name: __atuvs
Value: 5e1f77d7a313f7c0000
www.bleepingcomputer.com/ Name: _cmpQcif3pcsupported
Value: 1
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.951501729.1579120599
www.bleepingcomputer.com/ Name: fssts
Value: false
www.bleepingcomputer.com/ Name: lav
Value: 7525
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses Name: fsbotchecked
Value: true
.bleepingcomputer.com/ Name: session_id
Value: 5a82dfa73d2f13ec01eb9a32aba6cfc1
www.bleepingcomputer.com/ Name: _fssid
Value: fadf94a2-35ac-4e47-96cc-97e5e562b225
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.987177626.1579120599
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C3
.bleepingcomputer.com/ Name: __cfduid
Value: d0a616e37c75e4c03177f74cce3fc35531579120597

15 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api warning URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1)
Message:
Video gallery initializing
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020010202.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api info URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412)
Message:
Powered by AMP ⚡ HTML – Version 1912050130240 https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdStopped
console-api warning URL: https://cdns.connatix.com/p/1838/min/connatix.renderer.infeed.min_dc.js(Line 2)
Message:
AdImpression
console-api log URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if(Line 179)
Message:
[object Text]
console-api debug URL: https://js.ad-score.com/score.min.js?pid=1000426&tt=if(Line 154)
Message:
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32)
Message:
a: 0.0009765625ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ade.googlesyndication.com
adrta.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.pub.network
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connatix.com
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
confiant-integrations.global.ssl.fastly.net
core.connatix.com
cse.google.com
d.pub.network
data.ad-score.com
dmx.districtm.io
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
i.connatix.com
ib.adnxs.com
ima3vpaid.appspot.com
imasdk.googleapis.com
ipds.adrta.com
js.ad-score.com
node-uk-zahhu3.sitescout.com
pagead2.googlesyndication.com
pixel-a.basis.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.sitescout.com
protected-by.clarium.io
quantcast.mgr.consensu.org
r4---sn-4g5edns6.c.2mdn.net
rtb-europe-west1.openx.net
rtb.connatix.com
s0.2mdn.net
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
springserve-d.openx.net
static.adsafeprotected.com
static.quantcast.mgr.consensu.org
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
us-u.openx.net
v1.addthisedge.com
vendorlist.consensu.org
vid-io-dub.springserve.com
vid-io.springserve.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
104.108.39.228
104.16.68.69
104.20.60.209
104.26.13.6
13.224.196.13
13.225.78.17
13.225.78.52
13.225.78.58
13.225.78.86
130.211.115.4
151.101.114.217
151.101.13.140
151.101.13.194
151.101.14.217
172.217.16.194
172.217.18.98
176.34.141.200
178.162.133.150
178.79.175.86
18.200.219.23
185.33.223.100
185.64.189.112
185.94.180.123
199.166.0.26
213.19.162.71
216.58.205.230
23.210.248.44
23.210.249.164
23.210.249.83
23.210.249.92
23.210.250.213
23.37.55.184
2600:1901:0:fcac::
2600:9000:20eb:d600:9:46dc:4700:93a1
2600:9000:2156:b000:1:af78:4c0:93a1
2600:9000:21f3:2a00:9:46dc:4700:93a1
2606:4700:20::681a:18b
2a00:1288:f03d:1fa::4000
2a00:1450:4001:6d::9
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:816::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2006
2a00:1450:4001:821::2008
2a00:1450:4001:821::2014
2a00:1450:4001:824::2001
2a00:1450:4001:825::200a
2a02:fa8:8806:16::1460
2a03:2880:f02d:e:face:b00c:0:2
3.120.155.10
3.215.1.64
34.205.34.196
34.95.120.147
35.188.71.214
35.226.36.58
35.241.44.144
52.1.14.65
52.18.86.70
52.210.0.3
52.22.174.17
52.28.239.79
52.29.208.172
52.57.98.188
54.209.206.137
54.236.131.34
66.155.71.149
66.155.71.25
66.155.71.27
69.16.175.10
012d6e197386f9ec90f8805f2e87a6c5650f29a6e208d1c8971937c78c9b1eae
014dead4d2849d7266dd1892a920aebd0d784e3d2dc26a2b4b27bb4575bff31c
01959b20ffb42308edc33244076a822d3082a65870b3b07ac22db47d12d87048
01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
02e887361b9e6e6d1f56c4773766a8b2a82f12fe7bc604402849d2bd1970372c
0406a183daff0fdc4ba7415b40291a8b042a12da286052926a8870d1c1a1ac43
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0489ff023fef2455f4f6d9a25f2fb23bc59be9e4877a55c5d89791a6368d9de8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09f275f1b41cd2ad756117ebf3edaa38324e036c5aa6718964a8b4e745dcc005
0a67b662b7b3cf3a2c1bdead4b64847269e8bb371f0938d3f6638fdce358d6e5
0b2fbf0423f41b0992b882dd33877c72f3cbe8123cac4db0cb0849f0b6f92430
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
11b87f97f383be16feacaf42c1eca02ff7bb7a4a45562f538d80d92f021de2eb
14c69eb3655f8fae37ce0c2be948d6fa8181f575b8b6b3756e658514426df2bc
155a8162f12ac4d9ed25f66a92b14f09a5575ea7b976e2b653f15f727a3a6ed2
178edd66897f4d3163320b39fd9575b7d23be3e8aab4cbe878a5846933eda49a
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1b85d63e25aadfa4bdc50188ef6385f450f7c9479136b6f581e9863f0005f253
1cc73be67c45f1d36abb78716c77a65fda71878207fc1bb6e7431498f6d270c1
1d52799116d97ec452c48375e00ff6dadd9e91e5fd5f65db91b5a8f3ecefb543
2101b4a56ea0239133dbd7169e3b0aed1a2306fd4edc810e2e619cd2eb4f963b
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
253ec34929e04bb2b170dee5c2b82bb9885d3cc203b473aa14fe4264ed872d0b
2950e6412113dcfd949a5d6999756b58c5c6c41a479ab06f317cc8dfa464d5cc
2b745d31b7d034bf9e1d941f92af88ce4a99e94016d6c1858332e52a98d7e732
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2fed48635c22561e220f33146ded90ed321cf91dabc264cd8d922c69b0ce7feb
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
3465c2de1ae10c517ca057b01c0aae9d2c9838d30366beb6938ce2304ca04003
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3724c71539d2c196641ba6824b20db8b694d3e71f59b6eb63ac9ffce582343e6
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3bd0048dce1f98e12fff394727e4f0836cd8b6569b1ae4a9209ac78d54f355c0
3ece895b66f51d3228d73a6a39748f782501ded082e44299ad0c128c0d416850
4208c6995eaebe4feca975976d81a5841f05a398640025cbef8771b92ad4756c
454cbaa0c3d827d7d585b92bcdc36047aca5b95fc65b8bf44596fbcf8c57fa82
480a5c4ff6bf3b83ee450ff0a5273e95db0828ab19e57aed6dc7cd25a6f9e280
4b09d7cd58b704b5997909fbafa65fa805df3934e69c38f56039344c6d592eca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
4f404a0e59fe8af5e24248a8bf3b6b347e705beeea87612e68b9db5c514fed10
4f6913616c498c0c9723d57e9e73e0569539b0c9c9b642dfb62876a82ed52e5e
506b3471a129d69b6fedffc9bf4f12b8d23826f8460b775325918d51dce9be14
5071118f02a99dc4a5e7d4a80a3922d5282a77763ed1db3dec87a1ccc8e548c8
52900668f621c3ff471517147181fe444f8c6fc969307609ffeccf13ac51ddaf
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5755986e6c2ec6f8dcba61d850bd9871794787945d22d164dd9a33e3080a7920
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5ae3aa45dddd81d388fdb378ff250b27e08506f3a880277f017429e5e2f2b099
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d4244a8cdc5f524c32d767db95769532199a5d9c5ddf83d25fcbcc4291bd6eb
5df4a7370b55750f82801f9bd74f80667364473150d06c784e6bf8d991dbf887
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6124b7c59aadae279e1f0ecb561ed9b0c4fe22cb31c32c8c934e5423887c5426
627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
638998a47bf176798ee15c8fe3863f0711477622c83758384c006a9f6497cadf
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b35928516166cd82f6719b7a80d63235675b3da67caa07eee94bf78e963073e
6d6ba56847c2fd8f96549c14ff9e0d2545fd0615e0c9f7f6d45c69ba9e2ed98f
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
719ee23c72e39d0f1de0dead502eb83e5bacb68bcd842f177430c16e7ddc35c2
725d7f69918d06acd1e7c9788a28f5d16aeecd7c65386c17681b1a31090a38a7
741bd6697fb44347279e0af6133110dfdfa0f7136f1cfef556882856bab41580
74fcececa7a265a5951e21d93a5c856ac634848506647d47f9afbc2adcb92ace
764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2
7f3c50c4740822ea40e0785389fb371a684a48e793176820d3ac38bb97c68e86
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1
826b3467748a5f22dec20cfe0dcbaa77990f69085e25f63ee25574171499944f
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82bf258eef3957c50d203a0123586b9038296ebc016641fcec5dbf7cff7924e1
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
868445991cf301f6b70acc20e52f9ff54a245ecb7a04d209c5b621b5bcc24fd9
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8b62d70599131c862a9abeb3484f96b90d3c45c57fcec4e2c8375537fab6fb93
8be02838498df5f3659373683e3c055134a7bdf9e3695f78b55306a13e3d10a4
8fd42efdbe5b2b76b222cf5c5be1552758080212eaa58f9c74e68695fd3ff979
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93e6650f0e88e7b9ae30e0f323885b3c6cad998bb165752a287667d629ad0b60
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
95b5758dc1241c8b7174a9232cbf7d7b15bd9808a7f1409f3aaf03ce07c23696
994a3ec84e51a3e1e75d62761006b88eeeed1192c023ba835b3b14d07cf7c336
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a
9c324bf76b4e9f1088abbf0b81a78bbf73e85c40bf0245e8799fdf09169047c8
9c51ebde460afef5e24fbb9b218907b3ed17defa92515cef1cea3344f8d2d921
9cd23d2af62ed19e4325d8cacdb63479c1ed79321265111c33fd8c72f5f4751a
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d889b741546b865b09f3b42db4655181e913fc838356f5f954970fb5999a67a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4f56acb6735053bff683bacc809f33b3e1ceb335ad73ecc541c8eb45497932a
a5dc0bc1e9a5cc13e68e732abc09a40c86880663cce78a5364837cde57b09f39
a655d8f1afec2516ac82db7e64c93c930bba6fd5ad738e3682c92019d8faee55
a9426bced0788d43c25c048dcbd1af38dab815d33e2eccf58302e495cce53606
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab856b5203ff7aae954d0d3f1a80b52429a622f64462321b99bcde9025aea23f
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
abe73f199ae0497d55b8f37ad23c5a1aeececdf9d22df7e261c1681317005357
ad786cfc99c7bafd6583961542ee04324d564f5f15b61c1717b98f012869526c
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
afb56ea7aff3e1ef0e436a0c89d149022d61b20a28cb42e2f55bb6d2cff409d3
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
baf26fb67a99412ea53f06cb96a51e8aaa29b8a214846ab861c4099355128c4c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd1c350ff041a3ab0f095cd4324727b477d8a987818d2f9593dc0a2ba6988ab1
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c0b559eb6901ba9ccc4a76dabfec74c024243c9d081edcdc74161988e11d0636
c0c7bd5bf25a1c21a2888bc53f59d9d4cb707404d652e07f8da499b0cf4ccf0a
c1622dcb2efceca2f6a39f26a0d3342ea8d126e0d8816589779dc1900b91dee3
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c319af5c5ca7ff390c1791b8592111f52e080ac99f076efa1ab36c518adccd05
c44e880e262193fc7eda94d6c918a14944c0f98419da7152a701035ab3ee1aea
c80e699ee89e586e9cbfe11a3216be0b3f490bead83aeace4c5b3953c60f9a33
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
cb661fcce7ca25419bc22b0f7809fbfb4bd9f4dc65c7f67564a8ee98f7d1ddbb
ce2a0fea70fd21f866c591e155c8827b8c7aec2290ef063f60d39edc5c511ae0
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d060bda92e3f4fca2498854d02a5bae2060734f13ed6a418adef28f8e60f6283
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d
d4f4e80186d140ba296b429fd8f894ec2aef24bb2d5568032afe95b21878bfb8
d799b60a229931b91833821a80c5a2e372254ba46e1f91ad91e65916572c8eff
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dab5d79e190f4869eed0fc4c6ac7f59b0aa0780c92a93d6f0dd60e077c75c20d
dadad2e5dcaaaa4050a0d85124da9d7d12c70aa2bf2861e4a70fe5fd40eb8ba5
db80755b844fe96e5b4f65ab72706800012045f18acc568e412fb668b32456c2
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc4901c98d2d148275ee34fe6296023ea75accf23b6a3db2bfeca52896333162
e17adc65e5c03cac7a52854e68d04810afcb3e640dc4429643dc91904fa421f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e70285a8a09eeb424647ce468ec4f2c1251acbe0ba3c6ce332237e765abd0a7d
eb106918f8815a6cf58e17b8bbda4538468629a93509a98c2952d3d888ce3ec5
eb1b0bcf7330607a722d5c3293f24020f2b65621ffe2d03961d5cba2e126b5df
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
eeff201b07eeaea59bf99b1b53f0f91ca7bbc88dceb35a96639e54a4704e67c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3752d43c87ebab47c00beac925bef166fe4168f4ddce6fe0c21a0790da59f8
ef882b02261b9ba0eaed427e1ad813023a6320cbbdfcc42286f67c25f1704998
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f37a5e8a01e3319514b058c768158f79f3a15a34feafe5ab56f7beb22a574c68
f3f2e26fc8d0b0bbf319d9a6f922c4257fa0f1d16b91f74554132cf4bc62e0eb
f854a5ec9d344b191c52029f50f958b63fa09369418a4f939dc07ec928c9c34a
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3