urlscan.io logo urlscan.io
SecurityTrails logo

www-malwarebytes-com.cdn.ampproject.org Open in urlscan Pro
2404:6800:4006:810::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-s...
Submission: On September 29 via manual from NZ — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2404:6800:4006:810::2001, located in Sydney, Australia and belongs to GOOGLE, US. The main domain is www-malwarebytes-com.cdn.ampproject.org.
TLS certificate: Issued by GTS CA 1C3 on September 4th 2023. Valid for: 3 months.
This is the only time www-malwarebytes-com.cdn.ampproject.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2404:6800:4006:810::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www-malwarebytes-com.cdn.ampproject.org
cdn.ampproject.org
1    2404:6800:4006:814::2011 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2404:6800:4003:c04::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4006:80a::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.co.nz
Apex Domain
Subdomains		 Transfer
10 ampproject.org
www-malwarebytes-com.cdn.ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
237 KB
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 21461
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 11
533 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
425 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
453 B
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 2242
0 malwarebytes.com Failed
www.malwarebytes.com Failed
13 7
Domain Requested by
7 cdn.ampproject.org www-malwarebytes-com.cdn.ampproject.org
cdn.ampproject.org
3 www-malwarebytes-com.cdn.ampproject.org www-malwarebytes-com.cdn.ampproject.org
1 www.google.co.nz
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.google-analytics.com 1 redirects
1 csp.withgoogle.com www-malwarebytes-com.cdn.ampproject.org
0 www.malwarebytes.com Failed cdn.ampproject.org
13 8

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
www.capcom.co.jp
Subject Issuer Validity Valid
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Frame ID: 357DD73799CBDE482226F4C26E70E6C6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ransomware group claims it's "compromised all of Sony systems"

Page Statistics

13
Requests

85 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

238 kB
Transfer

574 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Ransomware%20group%20claims%20it%27s%20%22compromised%20all%20of%20Sony%20systems%22&sr=1600x1200&_utmht=1695953080109&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&tid=UA-3347303-10&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fnews%2F2023%2F09%2Fransomware-group-claims-its-compromised-all-of-sony-systems%2Famp&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9012120065798839&_r=1&a=2010&z=0.123417337430058 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058 HTTP 302
  • https://www.google.co.nz/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058&slf_rd=1&random=3927857219

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request amp
www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/ 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
022d2cc75e3b3195a9f63118c0cc63f8efe410d60e6e354bb99353e94100db7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://www.malwarebytes.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=60
content-encoding
br
content-length
10012
content-security-policy
default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-eng"
date
Fri, 29 Sep 2023 02:04:38 GMT
expires
Fri, 29 Sep 2023 02:04:38 GMT
last-modified
Fri, 29 Sep 2023 02:03:23 GMT
link
<https://cdn.ampproject.org/rtv/012309151607000/v0.mjs>; rel=preload; as=script; crossorigin=anonymous
nel
{"report_to":"nel","max_age":604800,"success_fraction":0.05}
report-to
{"group":"nel","max_age":604800,"endpoints":[{"url":"https://beacons.gcp.gvt2.com/nel/upload-nel"},{"url":"https://beacons.gvt2.com/nel/upload-nel"}]} {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
server
sffe
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-page-speed
0.9.10.99-9999
x-xss-protection
0
v0.mjs
cdn.ampproject.org/rtv/012309151607000/ 		222 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da624cca26f8dd80b2dfbda372fb04ab7ef0097987620937a5fd4e654e10d5b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:08 GMT
age
196410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63519
x-xss-protection
0
server
sffe
etag
"ad75d3f92f85a6a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:08 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs
Requested by
Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 25 Sep 2023 17:11:04 GMT
age
291214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29001
x-xss-protection
0
server
sffe
etag
"c5564a9c7a93c19c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Sep 2024 17:11:04 GMT
amp-consent-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-consent-0.1.mjs
Requested by
Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
252b78596df57a4c0c0238a2b39c53b4eab9ec11c94058436bec8aa4f1fd20ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:08 GMT
age
196410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15637
x-xss-protection
0
server
sffe
etag
"89c6514bc6c0060f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:08 GMT
amp
csp.withgoogle.com/csp/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/amp
Requested by
Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2011 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers
asset_upload_file98661_283889.jpg
www-malwarebytes-com.cdn.ampproject.org/ii/w820/s/www.malwarebytes.com/blog/news/2023/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-malwarebytes-com.cdn.ampproject.org/ii/w820/s/www.malwarebytes.com/blog/news/2023/09/asset_upload_file98661_283889.jpg
Requested by
Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab50352043e73d6ebef85118620963545247a7fccf28a9c2be3652092cc9628e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
date
Fri, 29 Sep 2023 02:04:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3598
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 01:40:30 GMT
server
sffe
vary
Accept, Origin
report-to
{"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type
image/avif
cache-control
private, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-eng"
expires
Fri, 29 Sep 2023 02:04:38 GMT
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
654cefd1d4ac15b6db5d27278d20bd069819733a31ade71c2f7d6ed279be42c3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f56cfa0102366ad59bf3f523a8b7845da56975f1f6993db1b3e1644d348880

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
easset_upload_file19417_283889_e.jpg
www-malwarebytes-com.cdn.ampproject.org/i/s/www.malwarebytes.com/blog/news/2023/09/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-malwarebytes-com.cdn.ampproject.org/i/s/www.malwarebytes.com/blog/news/2023/09/easset_upload_file19417_283889_e.jpg
Requested by
Host: www-malwarebytes-com.cdn.ampproject.org
URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b6c52307911f8c5f8796d22953cfab6a92403f89a136dcc4e90c0b72205cab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
date
Fri, 29 Sep 2023 02:04:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92786
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 01:50:24 GMT
server
sffe
vary
Accept, Origin
report-to
{"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type
image/avif
cache-control
private, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-eng"
expires
Fri, 29 Sep 2023 02:04:39 GMT
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58333e6b4f105e0ba72cda99e66908d1f6e3ccef037506f14cf799f489d3706
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:09 GMT
age
196410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2817
x-xss-protection
0
server
sffe
etag
"1e435b322755d094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:09 GMT
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3749f8d86c905567f077d8275c0a9e37cdbbc40e8733882ab6bc051153812b8b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:09 GMT
age
196410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3921
x-xss-protection
0
server
sffe
etag
"755a9550b4bbdfaf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:09 GMT
get-consent.json
www.malwarebytes.com/js/amp/ 		0
0
amp-lightbox-gallery-0.1.mjs
cdn.ampproject.org/rtv/012309151607000/v0/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-lightbox-gallery-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69aa9ccd74e8a5030f06982c9ec631ed7ea6bd6ee881f382fc45d67c522564b7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Origin
https://www-malwarebytes-com.cdn.ampproject.org
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:23 GMT
age
196396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16943
x-xss-protection
0
server
sffe
etag
"de1be901be844f5f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:23 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 22:54:59 GMT
age
184180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"299923aefdac6510"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 22:54:59 GMT
ga-audiences
www.google.co.nz/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Ransomware%20group%20claims%20it%27s%20%22compromised%20all%20of%20Sony%20systems%22&sr=1600x1200&_utmht=1695953080109&cid=NA...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058
  • https://www.google.co.nz/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058...
42 B
408 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058&slf_rd=1&random=3927857219
Protocol
H2
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:04:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.nz/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=NAdF4MLDU08PswSR163icAaXTZSdasNWFT3fwb_E-VnV7u5C-QW-rHWsY9r8IhSI&jid=0.9012120065798839&_v=a1&z=0.123417337430058&slf_rd=1&random=3927857219
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.malwarebytes.com
URL
https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| AMP_CONFIG object| AMP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_MODE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

2 Console Messages

Source Level URL
Text
javascript error URL: https://www-malwarebytes-com.cdn.ampproject.org/c/s/www.malwarebytes.com/blog/news/2023/09/ransomware-group-claims-its-compromised-all-of-sony-systems/amp
Message:
Access to fetch at 'https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com' from origin 'https://www-malwarebytes-com.cdn.ampproject.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.malwarebytes.com/js/amp/get-consent.json?__amp_source_origin=https%3A%2F%2Fwww.malwarebytes.com
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0