www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Submission: On June 23 via api (June 23rd 2020, 1:57:33 pm UTC) from US

Summary HTTP 306 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 61 IPs in 9 countries across 55 domains to perform 306 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.20.59.209 104.20.59.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
31	104.26.12.6 104.26.12.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
6 6	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
6	2.21.36.164 2.21.36.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 10	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
3	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.71.236.31 212.71.236.31	63949 (LINODE-AP...) (LINODE-AP Linode)
1	185.3.92.12 185.3.92.12	63949 (LINODE-AP...) (LINODE-AP Linode)
5	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
7	3.132.125.47 3.132.125.47	16509 (AMAZON-02) (AMAZON-02)
10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:464d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.76.239 35.190.76.239	15169 (GOOGLE) (GOOGLE)
1	54.77.255.184 54.77.255.184	16509 (AMAZON-02) (AMAZON-02)
4	13.226.146.86 13.226.146.86	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:a200:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1 2	52.95.118.60 52.95.118.60	16509 (AMAZON-02) (AMAZON-02)
3	52.50.72.216 52.50.72.216	16509 (AMAZON-02) (AMAZON-02)
6	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
10	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	52.20.31.155 52.20.31.155	14618 (AMAZON-AES) (AMAZON-AES)
5	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
9	35.158.189.107 35.158.189.107	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	91.228.74.134 91.228.74.134	27281 (QUANTCAST) (QUANTCAST)
2	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	23.42.18.223 23.42.18.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:215d:c000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.234.137.236 34.234.137.236	14618 (AMAZON-AES) (AMAZON-AES)
3	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
3	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	54.246.177.21 54.246.177.21	16509 (AMAZON-02) (AMAZON-02)
10 10	3.120.7.164 3.120.7.164	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
15	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	52.212.184.249 52.212.184.249	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	185.31.128.129 185.31.128.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	18.185.145.245 18.185.145.245	16509 (AMAZON-02) (AMAZON-02)
6 6	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
2	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.157.99.11 35.157.99.11	16509 (AMAZON-02) (AMAZON-02)
306	61

2 104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.114.217 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.31 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-31.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.3.92.12 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-185-3-92-12.london.nodebalancer.linode.com

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.64.11 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

dapperdiscussion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.132.125.47 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-125-47.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:464d (United States)

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.76.239 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 239.76.190.35.bc.googleusercontent.com

admiral.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.255.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-255-184.eu-west-1.compute.amazonaws.com

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.146.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-86.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:a200:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

backend.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.118.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.72.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.36 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.31.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-31-155.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.158.189.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.134 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.42.18.223 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-18-223.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.137.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-137-236.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.246.177.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-177-21.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.120.7.164 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-7-164.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.212.184.249 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-184-249.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.199 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.31.128.129 (Netherlands) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.145.245 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-145-245.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.150 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.99.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-99-11.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com	397 KB
31	ampproject.org cdn.ampproject.org	647 KB
31	bleepstatic.com www.bleepstatic.com	306 KB
25	doubleclick.net 4 redirects googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	127 KB
18	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	17 KB
17	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	378 KB
12	adnxs.com ib.adnxs.com acdn.adnxs.com	11 KB
12	gstatic.com fonts.gstatic.com	145 KB
10	bidswitch.net 10 redirects x.bidswitch.net	4 KB
9	sharethrough.com btlr.sharethrough.com	1 KB
9	springserve.com vid.springserve.com vpaid.springserve.com vid-io-dub.springserve.com	344 KB
9	pub.network a.pub.network d.pub.network c.pub.network	244 KB
8	google.com 6 redirects www.google.com cse.google.com adservice.google.com	3 KB
7	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	10 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
6	googleapis.com fonts.googleapis.com	5 KB
5	adsrvr.org 5 redirects match.adsrvr.org	2 KB
5	dotomi.com web.hb.ad.cpe.dotomi.com	2 KB
5	openx.net 1 redirects freestar-d.openx.net eu-u.openx.net	1 KB
5	dapperdiscussion.com dapperdiscussion.com	59 KB
5	addthis.com s9.addthis.com s7.addthis.com Failed m.addthis.com	191 KB
4	1rx.io 4 redirects sync.1rx.io	3 KB
4	districtm.io dmx.districtm.io cdn.districtm.io	623 B
4	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	188 B
4	mantisadnetwork.com mantodea.mantisadnetwork.com	692 B
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	emxdgt.com hb.emxdgt.com	948 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	upapi.net mrb.upapi.net backend.upapi.net	230 KB
2	adform.net 2 redirects c1.adform.net	591 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	unrulymedia.com sync.targeting.unrulymedia.com Failed	1 KB
2	contextweb.com bh.contextweb.com Failed	1 KB
2	media.net hbx.media.net	7 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	3lift.com tlx.3lift.com Failed eb2.3lift.com	321 B
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	reddit.com www.reddit.com	926 B
2	facebook.com graph.facebook.com	988 B
2	consensu.org admiral.mgr.consensu.org vendorlist.consensu.org	18 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagservices.com www.googletagservices.com	44 KB
2	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io	188 KB
2	bleepingcomputer.com www.bleepingcomputer.com	16 KB
1	postrelease.com jadserve.postrelease.com	747 B
1	quantcount.com rules.quantcount.com	1 KB
1	ntv.io s.ntv.io	94 KB
1	ad-delivery.net ad-delivery.net	631 B
1	addthisedge.com v1.addthisedge.com	855 B
1	moatads.com z.moatads.com	1 KB
1	videoplayerhub.com freestar-io.videoplayerhub.com	26 KB
1	google.de adservice.google.de	1009 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
306	55

	Domain	Requested by
37	tpc.googlesyndication.com	dapperdiscussion.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.bleepingcomputer.com cdn.ampproject.org
31	cdn.ampproject.org	securepubads.g.doubleclick.net pagead2.googlesyndication.com
31	www.bleepstatic.com	www.bleepingcomputer.com www.bleepstatic.com
15	sync.go.sonobi.com	blank
12	fonts.gstatic.com	www.bleepingcomputer.com www.bleepstatic.com a.pub.network
10	x.bidswitch.net	10 redirects
10	ib.adnxs.com	a.pub.network vpaid.springserve.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
9	btlr.sharethrough.com	a.pub.network
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	img.connatix.com	www.bleepingcomputer.com
7	capi.connatix.com	cds.connatix.com
6	fastlane.rubiconproject.com	a.pub.network
6	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
6	www.google.com	6 redirects
6	fonts.googleapis.com	www.bleepingcomputer.com securepubads.g.doubleclick.net
5	match.adsrvr.org	5 redirects
5	web.hb.ad.cpe.dotomi.com	a.pub.network vpaid.springserve.com
5	dapperdiscussion.com	www.bleepingcomputer.com dapperdiscussion.com
4	sync.1rx.io	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	mantodea.mantisadnetwork.com	a.pub.network
4	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	eu-u.openx.net	1 redirects a.pub.network
3	sync.mathtag.com	3 redirects
3	vid-io-dub.springserve.com	vpaid.springserve.com
3	apex.go.sonobi.com	vpaid.springserve.com
3	hb.emxdgt.com	vpaid.springserve.com
3	c.pub.network	a.pub.network
3	sb.scorecardresearch.com	1 redirects a.pub.network
3	vpaid.springserve.com	cds.connatix.com
3	vid.springserve.com	cds.connatix.com
3	ad.doubleclick.net	www.bleepingcomputer.com dapperdiscussion.com
3	s7.addthis.com	s9.addthis.com
3	d.pub.network	a.pub.network
3	a.pub.network	www.bleepingcomputer.com a.pub.network
2	cdn.districtm.io	a.pub.network
2	eb2.3lift.com	1 redirects a.pub.network
2	ads.pubmatic.com	a.pub.network
2	acdn.adnxs.com	a.pub.network
2	c1.adform.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	p.rfihub.com	2 redirects
2	sync.targeting.unrulymedia.com	blank
2	bh.contextweb.com	blank
2	hbx.media.net	a.pub.network hbx.media.net
2	dmx.districtm.io	a.pub.network
2	as-sec.casalemedia.com	a.pub.network
2	hbopenbid.pubmatic.com	a.pub.network
2	freestar-d.openx.net	a.pub.network
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	mrb.upapi.net	freestar-io.videoplayerhub.com mrb.upapi.net
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	www.googletagservices.com	a.pub.network pagead2.googlesyndication.com
2	www.bleepingcomputer.com	dapperdiscussion.com
1	eus.rubiconproject.com	a.pub.network
1	pixel.quantserve.com
1	jadserve.postrelease.com	s.ntv.io
1	rules.quantcount.com	secure.quantserve.com
1	s.ntv.io	a.pub.network
1	secure.quantserve.com	a.pub.network
1	ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	m.addthis.com	s9.addthis.com
1	vid.connatix.com	cds.connatix.com
1	backend.upapi.net	mrb.upapi.net
1	ad-delivery.net	www.bleepingcomputer.com
1	vendorlist.consensu.org	dapperdiscussion.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	admiral.mgr.consensu.org	dapperdiscussion.com
1	v1.addthisedge.com	s9.addthis.com
1	z.moatads.com	s9.addthis.com
1	freestar-io.videoplayerhub.com	a.pub.network
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ecdn.firstimpression.io	www.bleepingcomputer.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	cds.connatix.com	www.bleepingcomputer.com
1	cd.connatix.com	1 redirects
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
0	tlx.3lift.com Failed	a.pub.network
306	84

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
www.webarxsecurity.com
support.google.com
wordpress.org
stackoverflow.com
www.bitcoinabuse.com
freestar.io

Subject Issuer	Validity	Valid
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-16` - `2022-05-15`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-11` - `2020-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-06-20` - `2020-09-04`	3 months	crt.sh
j3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-06` - `2021-04-20`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2021-06-16`	a year	crt.sh
*.firstimpression.io Sectigo RSA Organization Validation Secure Server CA	`2019-11-06` - `2020-12-04`	a year	crt.sh
dapperdiscussion.com Let's Encrypt Authority X3	`2020-05-08` - `2020-08-06`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2020-03-17` - `2021-05-16`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2019-09-05` - `2020-10-19`	a year	crt.sh
admiral.mgr.consensu.org GTS CA 1D2	`2020-06-04` - `2020-09-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.upapi.net Let's Encrypt Authority X3	`2020-04-25` - `2020-07-24`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.springserve.com Amazon	`2020-05-28` - `2021-06-28`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.mantisadnetwork.com Amazon	`2020-03-23` - `2021-04-23`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Frame ID: 6578BB08F04DF0E65AC13743B3943D75
Requests: 149 HTTP requests in this frame

Frame: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Frame ID: 193A78DA730F16F29EB33FAF75755F4F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/zrt_lookup.html
Frame ID: 704686614BF8C345ED85D23D67598054
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2DA581BB1AC36A60B7CDDB03B02B0C48
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 43CAE0C9961D478B7F7508C67154E65C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1592143642&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1592920634516&bpp=21&bdt=440&idt=366&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2298415455374&frm=20&pv=2&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=48&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QLV8tGikhd&p=https%3A//www.bleepingcomputer.com&dtd=384
Frame ID: 6CA690D9A8D73D975804B5E250C4A538
Requests: 1 HTTP requests in this frame

Frame: https://admiral.mgr.consensu.org/portal.html
Frame ID: B950961ADE3B377D485D4085AB3664BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1592143642&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592920634537&bpp=2&bdt=461&idt=479&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2298415455374&frm=20&pv=1&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=486
Frame ID: 8A7E7285F3D649A6472C90A93A88A03F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 9FE1A796E9BE8AFE9B3FC40DE308C4CB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Frame ID: 32DE334B10BF3B0AA2AA5C25EB140C04
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_c23da234.js
Frame ID: CEF2AC3E23A1C71C75413EF922E6DD2D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A48902157BF15BFC5FD981CF8A170BEA
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&https=1
Frame ID: 8A9A5BC3F342A374FEA6A5A0A3B03D44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: A572FBDC45BB5F9BF542B5F3ACD9602B
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 3113973A4C1860576F17D019FF618203
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 9C624CF4FC91789133ABABF567F62E29
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: F6087AEA92348EB35081B30CD2A617E4
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 1F36E0630E81C101EA613C2A472A1CA9
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 612F604C0CED0B406ECC4FC9B4776E16
Requests: 16 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_c23da234.js
Frame ID: F79071BED84A40BECA10FABBBE50AC79
Requests: 14 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_c23da234.js
Frame ID: A95DC9D17A2C6909A9AC4C8B04B51C5D
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: 380B35789879EBFA4A76814B3FB17660
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1592920636247&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
Frame ID: C5F31CF9DC63C874CBEB7881929313CE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A6C5661F6A0610D81E4A5212A5E1B5FE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 63332C6816CC110A5CDE570AEF35231D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B16978FAC1A30FB57F51ABE2518B22D1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: F820FD1278E334BC1CB13418E910EE4F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 525A1199225EDF33CAD5BF5EE2320201
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: FDAE009DBD454AA049AECB5194164E95
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: BB4FA4BA44AC845ED0893FEF8FAAEE06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 67F7B8ECF108003891731C60CC20800F
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1592920636527&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
Frame ID: 9201FEC7928E021DE05DDB11EDC09B23
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7AF411D470AF9FC0A94C33F6A7089BD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

306
Requests

99 %
HTTPS

29 %
IPv6

55
Domains

84
Subdomains

61
IPs

9
Countries

3615 kB
Transfer

10891 kB
Size

0
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://www.webarxsecurity.com/bitcoin-ransom-scam-targeting-website-owners/
Title: reported

Search URL Search Domain Scan URL

URL: https://support.google.com/blogger/thread/39936760?hl=en
Title: Blogger's help site

Search URL Search Domain Scan URL

URL: https://wordpress.org/support/topic/hacked-by-ransomware/
Title: WordPress support forum

Search URL Search Domain Scan URL

URL: https://stackoverflow.com/questions/62240267/i-have-recieved-a-mail-from-my-website-mail-that-my-wordpress-site-was-hacked
Title: StackOverflow

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/reports/1JToMSCtc4nW3fNDUL4xV9QYqmyKJEYMdj
Title: 1

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/reports/1DQ2F5YsTGSEgvAeJSgjydb5i4jvPKDBW1
Title: 2

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/reports/1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz
Title: 1

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/reports/1Q1DF9rJS6fNDSpiV2iEA46BS1mNEaELtC
Title: 2

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/reports/12KLZzgrNX2DvbWQM7yQ1V9vPwy9JPvUKM
Title: 3

Search URL Search Domain Scan URL

URL: https://www.bitcoinabuse.com/
Title: Bitcoin Abuse Database

Search URL Search Domain Scan URL

URL: https://twitter.com/serghei

Search URL Search Domain Scan URL

URL: https://freestar.io/?utm_medium=stickyFooter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 20

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/25993/connatix.playspace.dc.js

Request Chain 94

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t

Request Chain 152

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&c9=&cs_ak_ss=1

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 236

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 256

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 266

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2&google_hm=MTVhMzFiYmQtMGMwZi00YjcwLWFiMWYtZjRmZTgzOWY5MWMy HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE2_Gwy3VYro6BfAgKI15QY&google_cver=1&ssp=sonobi&bsw_param=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2

Request Chain 267

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=e0b927e3-48bc-4d4e-b2ce-eff3d25b6123&pubid=db8d61494a

Request Chain 268

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f41c25fb-8800-4a29-a013-2482b6991358&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZEtIVXhDTV9BSGVDcVBrTzNZZlhTQQ&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=ZEtIVXhDTV9BSGVDcVBrTzNZZlhTQQ&gdpr=&gdpr_consent=&google_tc= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKdt--NNeXL_G7RzdlAfjWI&google_cver=1

Request Chain 269

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b9535ef2-0a3d-4a00-8f65-b7a1881c9c62

Request Chain 270

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939897124 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939897124 HTTP 302
https://sync.1rx.io/usersync/tradedesk/e0b927e3-48bc-4d4e-b2ce-eff3d25b6123 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003

Request Chain 271

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1041527798479577882

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZjQxYzI1ZmItODgwMC00YTI5LWEwMTMtMjQ4MmI2OTkxMzU4 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMyehBo7CAZUsgx6vv3lCw8&google_cver=1

Request Chain 283

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e875ef92-2129-47e8-bf9b-e521e6741a34 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e875ef92-2129-47e8-bf9b-e521e6741a34 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=9e6af0a3-76ba-447b-883e-e283009bfafb&ssp=sonobi&expires=30&user_group=5&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

Request Chain 284

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=05b4e9a6-1931-4111-bf25-e7b15074bef8&pubid=db8d61494a

Request Chain 285

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct&UUID=be155ef2-0a3e-4400-a563-8d2a93a353fd HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=be155ef2-0a3e-4400-a563-8d2a93a353fd

Request Chain 286

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4442914089 HTTP 302
https://sync.1rx.io/usersync/tradedesk/05b4e9a6-1931-4111-bf25-e7b15074bef8 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

Request Chain 287

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1582241218440847997

Request Chain 289

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0167fe57-2e6e-4898-a698-a9643e496519&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDE2N2ZlNTctMmU2ZS00ODk4LWE2OTgtYTk2NDNlNDk2NTE5 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKqh_3CHNtllr8WqGY-D-SE&google_cver=1

Request Chain 298

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34&google_hm=ZTg3NWVmOTItMjEyOS00N2U4LWJmOWItZTUyMWU2NzQxYTM0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKfJAfexIc_mRTIMwh-U0Uw&google_cver=1&ssp=sonobi&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

Request Chain 299

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0167fe57-2e6e-4898-a698-a9643e496519&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

Request Chain 300

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&rndcb=7724772278 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=2302711733231580052&ssp=adconductor HTTP 302
https://sync.1rx.io/usersync/bidswitch/e875ef92-2129-47e8-bf9b-e521e6741a34?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

Request Chain 305

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1--- HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---

Request Chain 310

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

306 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/ 70 KB
16 KB 1193ms
1152ms Document
text/html 104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2becc925e5d0b5cf843422ae023206fc40ea8651e884962d59f539ec6f00d4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 23 Jun 2020 13:57:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3a3c611836eb0168c28fd2e35063749c1592920632; expires=Thu, 23-Jul-20 13:57:12 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=3e200ccc83665593e8cbb6524a870fdb; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=8551; expires=Thu, 23-Jul-2020 13:57:13 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Sun, 14 Jun 2020 14:07:22 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 03831106610000cc52819c0200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a7eb783cc1fcc52-ZRH
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 13:57:14 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 131ms
60ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 2458762
cf-polished: origSize=137522
status: 200
cf-request-id: 0383110b320000d91d56075200000001
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 30 Jun 2020 02:57:52 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78b8874d91d-AMS
cf-bgj: minify

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 52 KB
10 KB 128ms
58ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ceba3cc609ad8cc0e38c894672d63a3471cb5bba40bacd1d6e5fd9dbf7f0472

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 2743830
cf-polished: origSize=62303
status: 200
cf-request-id: 0383110b330000d91d56076200000001
last-modified: Tue, 19 May 2020 21:26:04 GMT
server: cloudflare
etag: W/"2769485951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 26 Jun 2020 19:46:44 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78b8879d91d-AMS
cf-bgj: minify

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 107ms
36ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1714
cf-polished: origSize=14998
status: 200
cf-request-id: 0383110b330000d91d56077200000001
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 27 Mar 2019 21:45:08 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78b887ad91d-AMS
cf-bgj: minify

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 123ms
52ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d88c6a9ea4370abd8360a86f75308b72819b8e91f78e8d7a1455b3b4a74f8c1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 2220305
cf-polished: origSize=32994
status: 200
cf-request-id: 0383110b330000d91d56078200000001
last-modified: Thu, 28 May 2020 21:11:10 GMT
server: cloudflare
etag: W/"3498984215"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 02 Jul 2020 21:12:09 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78b887bd91d-AMS
cf-bgj: minify

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 110ms
39ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5046
status: 200
cf-request-id: 0383110b330000d91d56079200000001
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5a7eb78b887cd91d-AMS
expires: Tue, 10 Dec 2019 08:09:38 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
263 B 49ms
45ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1155
cf-polished: origSize=247
status: 200
cf-request-id: 0383110b930000d91d5608c200000001
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 23 Apr 2020 05:25:20 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78c199dd91d-AMS
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 91ms
19ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0be3894e2f1a4695c36dc31cef86a244bfad1d0df55b6fb54fb37d2648a4f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33252
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
2 KB 50ms
46ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 485901
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
content-length: 1152
cf-request-id: 0383110b930000d91d5608d200000001
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Jul 2020 22:58:53 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c199fd91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
2 KB

28ms
6ms

Script
text/javascript

2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 444
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Tue, 23 Jun 2020 14:19:50 GMT

Redirect headers

date: Tue, 23 Jun 2020 13:57:14 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0

GET
H2 200 Ransom-Scam.jpg
www.bleepstatic.com/content/hl-images/2020/06/12/ 53 KB
53 KB 52ms
48ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2020/06/12/Ransom-Scam.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 321b8305677fbee301d8fdeb8dd5d8e8266790b6a7212de40d998a00e3a5fbf2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 647
cf-polished: qual=85, origFmt=jpeg, origSize=104528
status: 200
content-disposition: inline; filename="Ransom-Scam.webp"
content-length: 53866
cf-request-id: 0383110b930000d91d5608e200000001
last-modified: Fri, 12 Jun 2020 23:30:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Jul 2020 13:46:26 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c19a0d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 110 KB
41 KB 100ms
27ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4de7b847498d7c287a8c05c50b73d3e25af4bba47dc6d8dad08b3bf0b4bb40d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 40496
x-xss-protection: 0
server: cafe
etag: 8251521606901281732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 qualys-logo.png
www.bleepstatic.com/images/logos/companies/qualys/ 10 KB
10 KB 50ms
46ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/logos/companies/qualys/qualys-logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9322d90411989f7e09ef5ad4a3465d6cb97c77741d1030b254cd50d7c7ffe5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 382291
cf-polished: origFmt=png, origSize=28795
status: 200
content-disposition: inline; filename="qualys-logo.webp"
content-length: 10050
cf-request-id: 0383110b940000d91d5608f200000001
last-modified: Tue, 19 May 2020 21:36:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 19 Jul 2020 03:45:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c29a1d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
514 B 49ms
45ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 485234
cf-polished: origFmt=png, origSize=475
status: 200
content-disposition: inline; filename="twitter.webp"
content-length: 282
cf-request-id: 0383110b940000d91d56090200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Jul 2020 23:10:00 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c29a2d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 51ms
47ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5046
cf-polished: origSize=65813
status: 200
cf-request-id: 0383110b940000d91d56091200000001
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Tue, 10 Dec 2019 08:11:55 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78c29a3d91d-AMS
cf-bgj: minify

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 81ms
80ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5046
status: 200
cf-request-id: 0383110b700000d91d56084200000001
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5a7eb78be94fd91d-AMS
expires: Wed, 29 Apr 2020 07:26:28 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
836 B 49ms
46ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5046
cf-polished: origSize=3600
status: 200
cf-request-id: 0383110b940000d91d56092200000001
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Wed, 22 Apr 2020 23:15:56 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78c29a4d91d-AMS
cf-bgj: minify

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
9 KB 50ms
47ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1155
cf-polished: origSize=48706
status: 200
cf-request-id: 0383110b940000d91d56093200000001
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Wed, 29 Apr 2020 08:11:43 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78c29a6d91d-AMS
cf-bgj: minify

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 35ms
35ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1308
status: 200
cf-request-id: 0383110b750000d91d56085200000001
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5a7eb78be958d91d-AMS
expires: Wed, 11 Dec 2019 05:46:52 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 353 KB
114 KB 157ms
61ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Tue, 23 Jun 2020 13:57:14 GMT
x-host: s9.addthis.com
content-length: 116324

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/25993/ Frame 193A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/25993/connatix.playspace.dc.js

981 KB
223 KB

28ms
21ms

Script
application/javascript

151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c0135f6cfd95036a1a3352e5e592de2e6ce738830a42f2f0ab2bdf5a8c6e9635

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
age: 4954
x-cache: HIT, HIT
status: 200
content-length: 228382
x-served-by: cache-dca17761-DCA, cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 12:33:20 GMT
x-timer: S1592920634.456308,VS0,VE0
etag: "7db2e111513bdd8fd7a298ce44054740"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 39

Redirect headers

date: Tue, 23 Jun 2020 13:57:14 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-hhn4063-HHN
status: 302
x-cache: HIT
location: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1592920634.345617,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 309 KB
77 KB 116ms
50ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a872aef195648d803861d99b96544d0b7b28c0ffa5a5b8375705fb2554a14fdc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUnuwZun_0Irkdf87T0HIHXhiCjaRh3MKq0mCxCqUmxwGkYWCFWk25cwG1tnSJ6cnylRHh2iki6at7veeXrcSQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 0383110bc70000c29aa40db200000001
last-modified: Thu, 18 Jun 2020 23:25:41 GMT
server: cloudflare
etag: W/"2d2e7ae5c9efccea7e7ab7fd9949116e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=B9r51A==, md5=LS565cnvzOp+erf9mUkRbg==
x-goog-generation: 1592522741375606
cache-control: public, max-age=1800
x-goog-stored-content-length: 316314
cf-ray: 5a7eb78c7e53c29a-FRA
expires: Thu, 18 Jun 2020 23:30:24 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 195ms
36ms Script
application/javascript 212.71.236.31
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.31 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-31.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:08:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Tue, 23 Jun 2020 15:08:40 GMT

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 612 KB
183 KB 327ms
40ms Script
text/javascript 185.3.92.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.3.92.12 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

nb-185-3-92-12.london.nodebalancer.linode.com

Software

nginx/1.12.2 / PHP/7.3.11

Resource Hash

de571ac792474f3378578eb5843c33f3bb9fdc6ad72948d563799712bba37505

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:56:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 01 Jan 2015 00:00:00 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/7.3.11
ETag: f34fda7b9b43674ed89695e0ba28f38a
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
X-XSS-Protection: 0
Expires: Tue, 23 Jun 2020 14:56:00 GMT

GET
H2 200 v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i- Show response
dapperdiscussion.com/ 217 KB
52 KB 377ms
231ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

4d985f98771f21adbc91c33c8caf625c2bc956156761cb7234ea4ea38d63d3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "29fb0375f08d59f41106e0b43dfc1f507a8f2b223ca94142f872f1ac3aacc29d"
vary: Accept-Encoding, Accept-Language
x-hostname: jane
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Tue, 23 Jun 2020 13:57:14 GMT
timing-allow-origin: *

GET
H2 200 v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg Show response
dapperdiscussion.com/ 14 KB
6 KB 363ms
217ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

b7bcd20a9591f7be4aa4102011d388e2197eac3f10827eebb82562501a78fed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "d8f42fec8ea34857068ef7a7f2590735ae2306e90cf9774c5fac05d6a2965f65"
vary: Accept-Encoding, Accept-Language
x-hostname: jane
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Tue, 23 Jun 2020 13:57:14 GMT
timing-allow-origin: *

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
407 B 48ms
46ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 343031
cf-polished: origFmt=png, origSize=187
status: 200
content-disposition: inline; filename="login_bg.webp"
content-length: 126
cf-request-id: 0383110b940000d91d56094200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 19 Jul 2020 14:40:03 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c29a8d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 44ms
42ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 926138
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1121527
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
302 B 59ms
50ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 471989
cf-polished: origFmt=png, origSize=83
status: 200
content-disposition: inline; filename="nav_bg.webp"
content-length: 72
cf-request-id: 0383110bc80000d91d5609e200000001
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 18 Jul 2020 02:50:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c7a3dd91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
735 B 40ms
39ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 494703
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
content-length: 422
cf-request-id: 0383110bcf0000d91d560a0200000001
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Jul 2020 20:32:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c7a50d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
252 B 56ms
55ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 480129
cf-polished: origFmt=png, origSize=129
status: 200
content-disposition: inline; filename="calendar.webp"
content-length: 86
cf-request-id: 0383110bd00000d91d560a1200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 18 Jul 2020 00:35:04 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a52d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
552 B 61ms
61ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 270300
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
content-length: 252
cf-request-id: 0383110bd00000d91d560a2200000001
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 20 Jul 2020 10:52:14 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a55d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
403 B 41ms
41ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 682502
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
content-length: 96
cf-request-id: 0383110bd10000d91d560a3200000001
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 15 Jul 2020 16:22:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a5ad91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
450 B 40ms
40ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 487262
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
content-length: 256
cf-request-id: 0383110bd10000d91d560a4200000001
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Jul 2020 22:36:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a5cd91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 5 KB
5 KB 40ms
39ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 4819
cf-polished: origSize=6170, status=webp_bigger
status: 200
content-length: 4965
cf-request-id: 0383110bd10000d91d560a5200000001
last-modified: Wed, 02 Jan 2019 02:04:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 18 Apr 2020 08:24:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a5ed91d-AMS
cf-bgj: imgq:85

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
339 B 40ms
40ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 494702
cf-polished: origFmt=png, origSize=72
status: 200
content-disposition: inline; filename="h4-bg.webp"
content-length: 38
cf-request-id: 0383110bd20000d91d560a6200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 17 Jul 2020 20:32:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a5fd91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
434 B 42ms
41ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 411432
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
content-length: 126
cf-request-id: 0383110bd20000d91d560a7200000001
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 18 Jul 2020 19:40:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a63d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 110 B
402 B 40ms
40ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 319291
cf-polished: origFmt=png, origSize=186
status: 200
content-disposition: inline; filename="news_footer_icon.webp"
content-length: 110
cf-request-id: 0383110bd30000d91d560a8200000001
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 19 Jul 2020 21:15:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78c8a64d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 999452
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com

Response headers

date: Thu, 11 Jun 2020 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1012014
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:50:20 GMT

GET
H2 200 292x176_Windows_10-Sparkly.png
www.bleepstatic.com/content/hl-images/2019/05/23/thumb/ 56 KB
56 KB 33ms
32ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/05/23/thumb/292x176_Windows_10-Sparkly.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b735e5df415c4fafb83b42065a8786df54187f241be0c8225ec7ce5067ad0ea

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 109335
cf-polished: origFmt=png, origSize=99295
status: 200
content-disposition: inline; filename="292x176_Windows_10-Sparkly.webp"
content-length: 57166
cf-request-id: 0383110c830000d91d560c5200000001
last-modified: Thu, 23 May 2019 08:30:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Jul 2020 07:34:58 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78d9cf7d91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 292x176_privacy-eye-2.jpg
www.bleepstatic.com/content/hl-images/2019/10/28/thumb/ 13 KB
14 KB 38ms
38ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/10/28/thumb/292x176_privacy-eye-2.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67535cf381b2f571935e81fcb79fed2f758b47e956d1feb944369e798bf7be1c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
age: 122200
cf-polished: origSize=14726, status=webp_bigger
status: 200
content-length: 13754
cf-request-id: 0383110c830000d91d560c6200000001
last-modified: Mon, 28 Oct 2019 16:50:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Jul 2020 04:00:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a7eb78d9cfad91d-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 38ms
37ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 2243
cf-polished: origSize=4895
status: 200
cf-request-id: 0383110c850000d91d560c9200000001
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 01 Nov 2019 06:12:37 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78dad02d91d-AMS
cf-bgj: minify

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 39ms
33ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 6507
cf-polished: origSize=26776
status: 200
cf-request-id: 0383110c8a0000d91d560cb200000001
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 12 Jun 2020 04:55:42 GMT
cache-control: max-age=3024000
cf-ray: 5a7eb78dad0fd91d-AMS
cf-bgj: minify

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
1009 B 44ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
1009 B 49ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/ 217 KB
82 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c781e5d927d5fabf19060992bbd8c112f93d06f56fa0ee0c81aaef622aa30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83741
x-xss-protection: 0
server: cafe
etag: 1206115939822849103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/ Frame 7046 0
0 8ms
5ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200618/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 18 Jun 2020 20:57:59 GMT
expires: Thu, 02 Jul 2020 20:57:59 GMT
content-type: text/html; charset=UTF-8
etag: 14051151748927987307
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4501
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 406755
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
472 B 504ms
124ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 919dd3b441996ed0307b49aa015fd3a645f4426beb4953ffda40df688244916b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:15 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 46 KB
16 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

546fa15bf6ac914544a577be9b929d728a11b023edd89bb4d8ffba6bf25533fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "551 / 593 of 1000 / last-modified: 1592919053"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15769
x-xss-protection: 0
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 gallery.js Show response
freestar-io.videoplayerhub.com/ 110 KB
26 KB 39ms
17ms Script
application/javascript 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4774a2e958e25421167fdf9534a8b518b2beac5aff94942deff7b8da6ce9752

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
via: 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 879
x-cache: RefreshHit from cloudfront
status: 200
content-encoding: br
content-type: application/javascript
cf-request-id: 0383110cf00000dfe3439fc200000001
last-modified: Fri, 19 Jun 2020 19:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zNY2FnIygxh0ItF02kQBagFVBv1Np7zu
cache-control: max-age=86400
x-amz-cf-pop: MUC50-C1
cf-ray: 5a7eb78e4d3edfe3-FRA
x-amz-cf-id: MkAi4FVk4OS8hkpSWAT7LrjonZpHI3D5zU7Wv6MwHy4BPEVfM0eZfA==

GET
H2 200 prebid-analytics-3.11.0.js Show response
a.pub.network/core/ 364 KB
110 KB 26ms
25ms Script
text/html 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23aca4890fe8b2728dcab78ee9f3b9614cd6cdb0dab2b785d2f8d2d666247cac

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUkDwm7seiqvhPYCVJ6u-n3axxolF7qWIvl4JtOIW4ssyGMQnOKjGMtD1RvfAQobX7PCWWbAsWsxAWJRROWTtQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
cf-request-id: 0383110d090000c29aa40f2200000001
cf-ray: 5a7eb78e7a93c29a-FRA
last-modified: Thu, 12 Mar 2020 16:03:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=jXxawA==, md5=N4XMnjSG82gI3oX56Od5vA==
content-language: en
x-goog-generation: 1584028993632199
cache-control: private, max-age=86400
x-goog-stored-content-length: 372446
content-type: text/html
expires: Wed, 23 Jun 2021 03:42:16 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 49 B
496 B 500ms
123ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: effbe1a4a394c3eefa565d528b56fff738b44ed421e12b914e84ace819669a0b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:15 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2DA5 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 84ms
28ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=18902
accept-ranges: bytes
content-length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
855 B 226ms
225ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
etag: -1659864586--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=17, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 678

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 43CA 0
0 24ms
23ms Document
text/html 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Tue, 23 Jun 2020 13:57:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
470 B 69ms
20ms Image
image/x-icon 172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 04:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34885
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 24 Jun 2020 04:15:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3655
date: Tue, 23 Jun 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 23 Jun 2020 14:56:19 GMT

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 90ms
34ms Font
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 3914
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 5a7eb78fc9ea0bf1-AMS
access-control-allow-origin: *
content-length: 65452
cf-request-id: 0383110dd900000bf16f9f0200000001

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 193A 2 KB
2 KB 530ms
145ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 6456a5d69b8520473cde2ac6e246ac9ff72fd1e7f2f7413ee79164cd3ca5998a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:15 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
transfer-encoding: chunked
Content-Type: multipart/form-data

GET
H2 200 pubads_impl_2020061801.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
89 KB 101ms
54ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

99d1979045ca288b36f4a4fa6db2a8b9cfa55aaed6e8d7e2c2973c1fa19997ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 13:58:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90287
x-xss-protection: 0
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 org Show response
mrb.upapi.net/ 19 KB
9 KB 29ms
14ms Script
application/javascript 2606:4700:20::ac43:464d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:464d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 444f7a36da2965ec54bdbd35ccec4eab71b7b3e2e27fac09540a15750faecf01

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2193
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0383110df8000005b3b63b3200000001
server: cloudflare
etag: W/"369947d9d525f1daef19d419bd1ded2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 5a7eb78ffafb05b3-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6CA6 0
0 612ms
612ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1592143642&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1592920634516&bpp=21&bdt=440&idt=366&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2298415455374&frm=20&pv=2&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=48&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QLV8tGikhd&p=https%3A//www.bleepingcomputer.com&dtd=384

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1592143642&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1592920634516&bpp=21&bdt=440&idt=366&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2298415455374&frm=20&pv=2&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=48&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QLV8tGikhd&p=https%3A//www.bleepingcomputer.com&dtd=384
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 13:57:15 GMT
server: cafe
content-length: 28319
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 14:12:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 13:57:15 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592825540321031"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Tue, 23 Jun 2020 13:57:14 GMT

GET
H2 200 portal.html
admiral.mgr.consensu.org/ Frame B950 0
0 63ms
27ms Document
text/html 35.190.76.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://admiral.mgr.consensu.org/portal.html

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.76.239 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

239.76.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: admiral.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
server: nginx
date: Tue, 23 Jun 2020 13:57:15 GMT
content-type: text/html
last-modified: Thu, 16 Apr 2020 16:37:09 GMT
vary: Accept-Encoding
x-hostname: rino
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A7E 0
0 66ms
66ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1592143642&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592920634537&bpp=2&bdt=461&idt=479&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2298415455374&frm=20&pv=1&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=486

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1592143642&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592920634537&bpp=2&bdt=461&idt=479&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2298415455374&frm=20&pv=1&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&ga_fc=0&iag=0&icsg=10995127296000&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066348%2C42530494%2C42530496&oid=3&pvsid=770938372145107&pem=101&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=486
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 13:57:15 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 14:12:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 13:57:15 GMT
cache-control: private

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 29 KB
4 KB 254ms
145ms Script
application/javascript 54.77.255.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&charset=UTF-8&wrapto=firstSpcFetch&ch=15&ref=www.bleepingcomputer.com&referer=&_firid=60820183&fiodpe=
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.255.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-255-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: fafac6d297b31774f3b7e688d4ded2d9eb95225bdb22109a6c1ffc5d8f216636

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=UTF-8
expires: 0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
196 B 14ms
13ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1936470155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ul=en-us&de=UTF-8&dt=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUAB~&jid=1101004609&gjid=1057677476&cid=724855821.1592920635&tid=UA-91740-1&_gid=740150603.1592920635&_r=1&gtm=2ou6a0&z=1756388621

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bhftu Show response
ad.doubleclick.net/ddm/adj/Bprp/ 11 B
432 B 29ms
28ms Script
text/javascript 172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bprp/Bhftu

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 code Show response
mrb.upapi.net/ 694 KB
221 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:464d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/code?w=5733492711227392&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:464d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d0ffd2d65e940b1dc02cd1d2a7c8c3624ee6aae5949a29d6d272bb80594743

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2181
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0383110eb7000005b3b63bf200000001
server: cloudflare
etag: W/"4cdfab695ae39f89b6eac8325a6b7bc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 5a7eb7912e2505b3-FRA

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 64ms
63ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 23 Jun 2020 13:57:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 101ms
42ms Script
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:46:51 GMT
content-encoding: gzip
server: Server
age: 625
etag: b586b236f6b3db3c4ca9410451195336
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YmFjxJLM5vECUPz6Xh9RMW_z49O_nzx8N51i8o30xNTEUHeLQXCDFw==
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 1 KB
2 KB 125ms
125ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 15169e49855625ddd428c9b56f6762cc89529e1b024e64d7c263feba6a991bc2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:15 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 9FE1 0
0 26ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 12 Jun 2020 13:10:56 GMT
expires: Sat, 12 Jun 2021 13:10:56 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 953179
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubvendors.json Show response
www.bleepingcomputer.com/.well-known/ 0
151 B 398ms
398ms Fetch
application/json 104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/.well-known/pubvendors.json

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 15 May 2020 16:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0-5a5b24a1cd4b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: application/json
status: 200
content-security-policy: upgrade-insecure-requests;
accept-ranges: none
cf-ray: 5a7eb791dda9cc52-ZRH
content-length: 0
cf-request-id: 0383110f2b0000cc5281a3e200000001

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 98 KB
18 KB 41ms
13ms Fetch
application/json 2600:9000:2182:a200:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:a200:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4e4a93e4a9fb48a74c82bcafe12ba946e478ac750ca0219b13f3a0f66fa2035

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 16:12:07 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 423908
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 18 Jun 2020 16:00:56 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: WYeWORlayIJY8L9g1qQOV59LfXCJ9avc
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: A6H17vHgq5tLs-wAqF0D9LrTcbQw--2UVJgu7qv3WWtqf1a7TxC8HQ==

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
167 B 21ms
20ms Image
image/x-icon 172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 04:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34886
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 24 Jun 2020 04:15:49 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
631 B 33ms
11ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.29258757421234605
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 885
x-cache: Hit from cloudfront
status: 200
content-type: image/gif
content-length: 43
cf-request-id: 0383110f4b0000062978276200000001
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5a7eb792189b0629-FRA
x-amz-cf-id: 83F5Uk2xfpYVdOHlTnZZL8Zam4oKODXSWmECvIjJHlsxNSnAteHcTg==

GET
H2 200 48.008759e9efe1c1b693dd.js Show response
s7.addthis.com/static/ 281 B
486 B 27ms
26ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-119"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 23 Jun 2020 13:57:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 246

GET
H2 200 / Show response
graph.facebook.com/ 312 B
417 B 65ms
50ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_18vi0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8491d89ba3e218f935be65d6b3f2cedb89a92e10829a21ba5e19646fe3267d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "6a6b75c00e75e4ae52274eeeff988c2bfaaacef2"
status: 200
x-fb-rev: 1002281488
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 215
pragma: no-cache
x-fb-debug: pIOOx9mj5b74/iRtkBys+p+Amqz1ZvV4APLw/gi8l9kdylOzw2VuH1Wp+PzbkToJyYDFh699BbmuRgGCcwutuw==
x-fb-trace-id: ARzYCA+LDtg
date: Tue, 23 Jun 2020 13:57:15 GMT, Tue, 23 Jun 2020 13:57:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AexttTXi2rqGw0knZCGV2yg
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
667 B 356ms
272ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&jsonp=_ate.cbs.rcb_2gaz0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

3c0aaf1ce898063554617c6bb067d408aab0ecc7b34bce29f82fd8c14bc75e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-man4122-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1592920635.329063,VS0,VE231
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
graph.facebook.com/ 150 B
571 B 56ms
42ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_blir0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ea801daae81cc1c23f014e594c5693a17d0a4fe444f4b51a3da9a004ddb001b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "33e6fc6b0012a9b0c69846fd87cfa39592235b23"
status: 200
x-fb-rev: 1002281488
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 150
pragma: no-cache
x-fb-debug: Hq7+Nojrq/O4RzoCO80UQLd+S4zvnZdPvjDJkDeA4mMX0Y/qHrpPeRMkPaOmsn9sk1kdo9eKOcx6sWlUtW5Mfw==
x-fb-trace-id: EefJSbf1cBv
date: Tue, 23 Jun 2020 13:57:15 GMT, Tue, 23 Jun 2020 13:57:15 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AOqiA4NwDiRE_6v5cm1QK8h
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
259 B 362ms
279ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&jsonp=_ate.cbs.rcb_abq80

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

9542d2b619287550fa7b710e753041143fe5c0fffe1411171e91de6db40e0f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-man4122-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1592920635.329071,VS0,VE239
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pv Show response
backend.upapi.net/ 0
114 B 214ms
183ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.upapi.net/pv?pid=kY7Muo8f1O&br=chrome&sid=CSjE6lybS&w=5733492711227392&cv=e31b9235-v2&r=false&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5733492711227392&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 23 Jun 2020 13:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://www.bleepingcomputer.com
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 82ms
27ms XHR
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 10:13:05 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 13451
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: zcrpOQACPRxesOmaN5xReozt8ke7CEaIIjt-qWr40m1H5D5e1R_7fw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 115 B
509 B 155ms
154ms XHR
text/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&pid=It38wgYgndp66&cb=0&ws=1600x1200&v=7.52.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 80c776971a06ee00b4a5d8dec4538712721a8593f5591f625b8316fc521a7500

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 126
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-id: TxqunOcLEyxy0li8dLwqwa02BPBohGyAUsbXRNsBTeqA2QE56BwatQ==

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 193A 0
265 B 540ms
134ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:15 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
Content-Length: 0
Content-Type: multipart/form-data

GET
H2 200 6eebd04e-7da9-413c-9d14-877f4bbc6246.bin Show response
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 193A 2 KB
1 KB 78ms
19ms XHR
application/octet-stream 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/6eebd04e-7da9-413c-9d14-877f4bbc6246.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 848e6d819c590da4737acecc0199ef01e2ffe0c58d841c16a7542fbaa934666d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
content-encoding: gzip
age: 9359
x-cache: HIT, HIT
status: 200
content-length: 769
x-served-by: cache-bwi5131-BWI, cache-hhn4048-HHN
last-modified: Tue, 23 Jun 2020 11:19:49 GMT
x-timer: S1592920636.508726,VS0,VE0
etag: "ecf2a52993144aaada55bebd87484153"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 7 KB
7 KB 43ms
19ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 845152
x-cache: HIT, HIT
fastly-io-info: ifsz=11996 idim=794x206 ifmt=png ofsz=6988 odim=794x206 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 6988
x-served-by: cache-dca17768-DCA, cache-hhn4063-HHN
x-timer: S1592920635.488294,VS0,VE0
etag: "ZtgrrdcQwjijqgVjQ/zsHTfkgcr8y8OnGx9yjy8Yz/Q"
vary: Accept
x-amz-request-id: C0D2E8725F7C4E7F
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 3

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 32DE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t

0
0

216ms
216ms

Document
text/html

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7mp-Y6w5UJxueVIRD4UlU0|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Server: Server
Date: Tue, 23 Jun 2020 13:57:15 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 190
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A7mp-Y6w5UJxueVIRD4UlU0; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 13:57:15 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 13:57:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Tue, 23 Jun 2020 13:57:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Set-Cookie: ad-id=A7mp-Y6w5UJxueVIRD4UlU0|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 13:57:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 193A 0
265 B 478ms
134ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:16 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
Content-Length: 0
Content-Type: multipart/form-data

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 193A 2 KB
1 KB 173ms
44ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 52da5dad0aa4f2c20e70f81f4c743bd49779462c3b892614103acc33f28bb740

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:57:15 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 861

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 193A 0
265 B 517ms
130ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:16 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
Content-Length: 0
Content-Type: multipart/form-data

GET
H2 200 59add888-7564-4eae-a1c7-40193a84a6ff.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 40 KB
40 KB 21ms
21ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59add888-7564-4eae-a1c7-40193a84a6ff.jpg?crop=834:541,smart&width=834&height=541&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b78bac35da050605e5e4544ba1e6642915ba0a5b05afcf9b70ac22e1e0d060a4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9446
x-cache: HIT, HIT
fastly-io-info: ifsz=78083 idim=1250x455 ifmt=png ofsz=40906 odim=701x455 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 40906
x-served-by: cache-dca17737-DCA, cache-hhn4063-HHN
x-timer: S1592920636.605399,VS0,VE0
etag: "KXTtnHUyrUKk/a1J3/oIcbBNZVjTTrVXhJYh5c66LtM"
vary: Accept
x-amz-request-id: 804FD5F0EF4F7F08
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 2, 3

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 197ms
195ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ef20a3a937d919a&bkl=0&bl=1&pdt=1282&sid=5ef20a3a937d919a&pub=ra-561517d2c7f964d6&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bleepingcomputer.com&fp=news%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=computers%2Cwindows%2Clinux%2Cmac%2Csupport%2Ctech%20support%2Cspyware%2Cmalware%2Cvirus%2Csecurity%2CBlackmail%2CExtortion%2CRansom%2CScam%2Cvirus%20removal%2Cmalware%20removal%2Ccomputer%20help%2Ctechnical%20support&colc=1592920634695&jsl=1&uvs=5ef20a3a1e69c50f000&gdpr=0&skipb=1&callback=addthis.cbs.jsonp__99469172663580170
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d834b89dac9f5a8f73dc34ead37d64bf2fc0ba88373057a070a584621d53ca23

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 350ms
272ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=81186cb3-647b-4ab1-84e5-70dda95c253e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3887367186419761
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e2c29a44024947c29e9765b77ad783ae88f5c8f89a99359b599dbbd2da90133c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 247ms
165ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=6ab9fdf7-9ad1-4b93-b058-21bbf4977810&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5629881178790193
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 49e01c7a11f0777ab698753c67088cf66859973c8108fcd01b34e937f202b9a1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 338ms
252ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=a2b7c952-926d-4a3b-bcb6-e79719b7735e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8650878886362325
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 740b9349515e8654f3f585a90c07bea80b01b6882d548cf23e259277313a94c1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 296ms
210ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=92781894-0aef-4d5c-9978-fe725fda0839&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6782008264984565
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9f63b491b5321bceca8c83581735228bb5002d3fe688a2c0fbc73a5dd9b535fc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:15 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 437ms
350ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=2f6e5c37-4909-4fc9-89b7-d88cedae64ac&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.29947832052553536
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f0c989d73b411b2433c5d04aba8b0d8dc186ac741606cbf03e6f6b24c61dfcbe

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 610 B
1 KB 154ms
100ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2f1ac0a35a3442b524f8f9f96d7886d14a1e6d6e7ec30bcc7c6b1571cb069207

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Jun 2020 13:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.117:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3f8dca06-6441-481c-8b0d-c2c9d419337d
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 189 B
577 B 84ms
38ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=81186cb3-647b-4ab1-84e5-70dda95c253e%2C6ab9fdf7-9ad1-4b93-b058-21bbf4977810%2Ca2b7c952-926d-4a3b-bcb6-e79719b7735e%2C92781894-0aef-4d5c-9978-fe725fda0839%2C2f6e5c37-4909-4fc9-89b7-d88cedae64ac&nocache=1592920635626&gdpr=0&us_privacy=1---&pubcid=5f861c0c-ea4a-47ae-a506-8b2d145d9cff&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: e78afb71e0b170c9c19e66ff7c7ffc752a2d3e8f3171c36085ff962015d841f1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
346 B 617ms
141ms XHR
application/javascript 52.20.31.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1592920635627&secure=true&version=9&mobile=false&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&measurable=true&bids[0][bidId]=24a1959ae8dd3b3&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=25c8b25f62e5d48&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[1][sizes][1][width]=970&bids[1][sizes][1][height]=90&bids[1][sizes][2][width]=970&bids[1][sizes][2][height]=250&bids[2][bidId]=2699cb07e1d9ed9&bids[2][config][property]=5c3404d83e048a00261ad27f&bids[2][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_2&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=600&bids[3][bidId]=275aae4a17ae741&bids[3][config][property]=5c3404d83e048a00261ad27f&bids[3][config][zone]=bleepingcomputer_728x90_320x50_InContent_1&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=2860487d465aa22&bids[4][config][property]=5c3404d83e048a00261ad27f&bids[4][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_3&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[4][sizes][1][width]=300&bids[4][sizes][1][height]=600&property=5c3404d83e048a00261ad27f&foo
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.31.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-31-155.compute-1.amazonaws.com
Software: / Express
Resource Hash: 1b046225f4059631f870494a82262e305233c975a7ea4e218d04d22b39ef887f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
status: 200
x-powered-by: Express
etag: W/"38-LcnfvZKpC5vaBu+kY7n48sKIeqk"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 608 B
1 KB 99ms
48ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1dcf7182e1b8c45dae01056bec964bbd48992a1dcaec0fae9319a3fd08368833

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Jun 2020 13:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.8:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 81f28ad3-2e17-442d-a94f-b120cf60a647
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 456 B
647 B 55ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4d082065c49e67c7e6201995c2f778ddbe5f96b25f1ce2e2d6a5b255672680dd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:15 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 456
expires: 0

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 76ms
19ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=42ee727bc5c66b4&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 76ms
20ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=4377808fb765c86&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 78ms
23ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=4422359d778e4bc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 76ms
20ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=453fb90ed4186d8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 74ms
19ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=46d576d41c65b6e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 74ms
19ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=4760d76bf1246cc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 75ms
20ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=48a11f2c297d921&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 75ms
21ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=49bfbdb8fceb3fd&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 82ms
28ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=50507a109db1166&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.11.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 164ms
106ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 498ms
194ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%226371556413f7b5f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22640426775ef91bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2265cab9cd7f95c91%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22668bdb9a8a888fa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22672ef1fedf27137%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22687be535bd9e06e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22695471f002ca23e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22705ab3e6ea4e691%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2271f4b3aff4e37cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22724182a9df056ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2273d7ec28c5bae8c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2274df194a92ef011%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 127a50257b5711515827190b313b8b559cd873a605b003c03dd97713c10085b1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 23 Jun 2020 13:57:16 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
432 B 310ms
28ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 5a7eb7969be1cc4e-ZRH
access-control-allow-headers: Content-Type, Origin
cf-request-id: 038311121a0000cc4e5888f200000001

POST auction
tlx.3lift.com/header/ 0
0

GET
H2 200 59add888-7564-4eae-a1c7-40193a84a6ff.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 46 KB
47 KB 26ms
20ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59add888-7564-4eae-a1c7-40193a84a6ff.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6aff88f7a0a5ca7b55e77e549988c0b67946262005b7defcbcb19613cbc41845

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9447
x-cache: HIT, HIT
fastly-io-info: ifsz=78083 idim=1250x455 ifmt=png ofsz=47412 odim=809x455 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 47412
x-served-by: cache-dca17762-DCA, cache-hhn4063-HHN
x-timer: S1592920636.682098,VS0,VE0
etag: "ny7riYY8ZEM5bQQlrflWc40+eQXJFcw+BcI1NjMeZrk"
vary: Accept
x-amz-request-id: 804FD5F0EF4F7F08
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 3

GET
H2 200 3893b37e-c6ab-4150-8bad-7c6f1a62bd97.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 20 KB
20 KB 29ms
23ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/3893b37e-c6ab-4150-8bad-7c6f1a62bd97.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6656b1a9e80abf769b5dc7dea7f8eb9d30c78f26e4555834d494b444c9b0f9d3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9446
x-cache: HIT, HIT
fastly-io-info: ifsz=28022 idim=1280x450 ifmt=jpeg ofsz=20114 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 20114
x-served-by: cache-dca17781-DCA, cache-hhn4063-HHN
x-timer: S1592920636.682401,VS0,VE0
etag: "qQdJKf5P0M6iU4oeVBB0FkAAK3i4vm9b+prEiLlGc1Y"
vary: Accept
x-amz-request-id: 40399560884846FE
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 3

GET
H2 200 7141bbba-78c4-4610-b9d1-deb789dafc13.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 20 KB
20 KB 28ms
23ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/7141bbba-78c4-4610-b9d1-deb789dafc13.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1c97714c72fd99a733682ab5f360af9e20d5cf51e2936c1a227f25e89c5d54f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9448
x-cache: HIT, HIT
fastly-io-info: ifsz=53294 idim=1280x450 ifmt=jpeg ofsz=20314 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 20314
x-served-by: cache-dca17779-DCA, cache-hhn4063-HHN
x-timer: S1592920636.682408,VS0,VE0
etag: "87h/tZJuuP6VAf0olU8VlmSpv+kpUlr5Th1xZolJXgc"
vary: Accept
x-amz-request-id: 6BF06CF0B7A09567
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 2

GET
H2 200 3f21a25c-eacc-426e-8702-9035df481a33.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 4 KB
4 KB 26ms
22ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/3f21a25c-eacc-426e-8702-9035df481a33.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 812db7098ab07e4c8a7eafc8b2a55690f1150df98192690709d59eff6a8f973e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9447
x-cache: HIT, HIT
fastly-io-info: ifsz=6464 idim=1250x455 ifmt=png ofsz=4078 odim=809x455 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 4078
x-served-by: cache-dca17745-DCA, cache-hhn4063-HHN
x-timer: S1592920636.682391,VS0,VE0
etag: "x7LK8oWQIWeynnecMw7FRezdNo7MrIJgeZu5gtUkrhs"
vary: Accept
x-amz-request-id: 3F510E176812B450
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 3

GET
H2 200 af69b249-6b95-4975-b0fd-8a239d4db96f.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 11 KB
12 KB 27ms
23ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/af69b249-6b95-4975-b0fd-8a239d4db96f.jpg?crop=834:469,smart&width=834&height=469&fit=crop
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319d3877902c8eed09d48b4e37e53804c8326db2da868010be800e900936d707

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 9447
x-cache: HIT, HIT
fastly-io-info: ifsz=29030 idim=1280x450 ifmt=jpeg ofsz=11636 odim=800x450 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 11636
x-served-by: cache-dca17770-DCA, cache-hhn4063-HHN
x-timer: S1592920636.682362,VS0,VE0
etag: "UhBqLCeAeOqILjsJr25USdxgkXxtjw11JLpO8FvlYB4"
vary: Accept
x-amz-request-id: 0215BA670C1DA08B
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 3

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 193A 306 B
592 B 817ms
501ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 323c863a0e85f938df3549f53983dd34f36ea020b99eb1a6a5b945d5e3903a84

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:16 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
transfer-encoding: chunked
Content-Type: multipart/form-data

GET
H2 200 vpaid_c23da234.js Show response
vpaid.springserve.com/production/ Frame CEF2 494 KB
113 KB 1777ms
1156ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117739f2fc09e108216046527c52e7d473e75265ee7db8af52f42908bf20fcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 13:33:42 GMT
server: AmazonS3
x-amz-request-id: 039BCE32F31EBA35
etag: "e93bc836bba2a072a5f050b8863b8319"
x-hw: 1592920636.dop161.fr8.t,1592920636.cds108.fr8.hn,1592920636.cds073.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2543700
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115255
x-amz-id-2: wWsIeAoXb/7bRAOOevxzOWQco3SLVPV181WbYYisAfj/O/0coOCHGX/UW+vP9uiXfDGz/FKpHLk=

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 36ms
17ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200618&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53f32a3f9ed33b84735045901bb258ebef3ce520a249eb8f3642055f1fb9fd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5615
x-xss-protection: 0

POST
H2 200 v2qqqKIyznZj7x1Jt4Gm8FpJBtzVJQP_WiyNSWUDeNa68NnlJmmSTqMIaEH6I1mmBECzY-bPuPw9Zp_zY Show response
dapperdiscussion.com/ 215 B
615 B 90ms
32ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2qqqKIyznZj7x1Jt4Gm8FpJBtzVJQP_WiyNSWUDeNa68NnlJmmSTqMIaEH6I1mmBECzY-bPuPw9Zp_zY

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

4cebc8a84fdd0c120a78ed97d69053358ebf3ce3d31df0706d9bf7d02b65a8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 23 Jun 2020 13:57:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: jane
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 215
expires: Tue, 23 Jun 2020 13:57:15 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 23 Jun 2020 13:57:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A489 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 23 Jun 2020 13:33:59 GMT
expires: Wed, 23 Jun 2021 13:33:59 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1397
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 239 KB
25 KB 507ms
507ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=770938372145107&correlator=3064416014393997&output=ldjh&impl=fifs&adsid=NT&eid=21066394%2C21066348&vrg=2020061801&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200623&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&ists=2&prev_scp=amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%7Cfsbid%3Dtimeout%7Camznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1592143642&dt=1592920636361&dlt=1592920634076&idt=1049&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C268%2C800%2C1082&adys=146%2C5169%2C1208%2C3738%2C5675%2C1733&adks=960084856%2C976516616%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&dssz=60&icsg=2814752585711616&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C834x90%7C1600x5676%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=724855821.1592920635&ga_sid=1592920635&ga_hid=1936470155&fws=0%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

3696fd70881127647cc155920bd934a5985868fcf627b2ffc3d3c14ef74e87f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25114
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 122 B
512 B 108ms
107ms XHR
text/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&pid=It38wgYgndp66&cb=1&ws=1600x1200&v=7.52.00&t=1000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22cmp-success%22%2C%22rtimes%22%3A%5B373%5D%2C%22cc%22%3A%222%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: ea82d11a7712dc319ba1e968ed436d52b4c75a1945365a8c3465d3353d614c40

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 130
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-id: CWeXdxOe469AtAAGPIteV6V7l8GdW5hZM663jtcEj7QFbnKIi3v0Pg==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 84ms
84ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 193ms
193ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tk_flint=pbjs_lite_v3.11.0&x_source.tid=d8226200-ec1a-4616-91d1-f943fd135654&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.470875665573838
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2ed3b50047822a7f2393f8cea0fb241e17a74ab9bc8ad9a2346a344ae58a207a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
346 B 128ms
127ms XHR
application/javascript 52.20.31.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1592920636397&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&measurable=true&bids[0][bidId]=109a55b88c49cc68&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_970x90_728x90_320x50_sticky&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.31.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-31-155.compute-1.amazonaws.com
Software: / Express
Resource Hash: 1b046225f4059631f870494a82262e305233c975a7ea4e218d04d22b39ef887f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
status: 200
x-powered-by: Express
etag: W/"38-LcnfvZKpC5vaBu+kY7n48sKIeqk"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 93ms
93ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bdf16308c9560c6bd794d345f82cf7df2ab1b7ddeec75d3bdd37ef169db81ece

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.178:80
AN-X-Request-Uuid: d1a404e8-136d-4200-a242-7cb752567b3a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 189 B
367 B 35ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=d8226200-ec1a-4616-91d1-f943fd135654&nocache=1592920636398&gdpr=0&us_privacy=1---&pubcid=5f861c0c-ea4a-47ae-a506-8b2d145d9cff&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 423c05652d1edc528c6d81f141132a47de25be942448d437b93bc8c7f2f1148f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 12ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: befee3f1747c13b9f237cc37db0fc31232e15d30133e1b93b2e05ea84e09e3d2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
191 B 26ms
26ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
cf-ray: 5a7eb7998bcfcc4e-ZRH
access-control-allow-headers: Content-Type, Origin
cf-request-id: 03831113f90000cc4e588a0200000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 51ms
51ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

630b0770781da86c09577621a39b452a07795a802264375def95d647bd078830

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.50:80
AN-X-Request-Uuid: f8baf8ea-89e4-462b-b159-0dcb6023ad4b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 174ms
174ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%221209ab52d65060f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22121e2d270e334c0b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22122fa56ab0463951%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ecbafd9b31431c61b62f37bda43bdb7f03eb59f2881779748b1850acc13780fb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 23 Jun 2020 13:57:16 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 90ms
31ms Script
application/x-javascript 91.228.74.134
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
last-modified: Tue, 23-Jun-2020 13:57:16 GMT
etag: M0-4cca824e
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8082
expires: Tue, 30 Jun 2020 13:57:16 GMT

GET
H2 200 bxl.js Show response
hbx.media.net/ 16 KB
7 KB 377ms
50ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ab71b632d62458a0ba73b63656f90be6eccdd1c569f9c0bec49518117e99efbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 23 Jun 2020 13:57:16 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=86400
content-length: 6660
x-mnet-hl2: E
expires: Wed, 24 Jun 2020 13:57:16 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 79ms
26ms Script
application/x-javascript 23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:57:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 24 Jun 2020 13:57:16 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 321 KB
94 KB 123ms
47ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 62b0c20e7f2a4bc1d5e021c345adc7d88f48c331e0296116fa3c3764aa9eaa2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:57:16 GMT
Content-Encoding: gzip
x-amz-request-id: 5AC9A211EF1D9194
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 565Eh86HQ4vF8PqDQGORrfsmeQXxyq+bW4OVg6VKS2bg1psJSDUfOs58QHXnj20f5F0dTgc6htY=
Last-Modified: Fri, 19 Jun 2020 22:53:01 GMT
Server: AmazonS3
ETag: "6aa317088d689c935d4098cc4498b768"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

POST
H2 200 v2lxfGMmzC_fr0nLwOmFIMrH35AfWI1woAjLYvnaHmwJd_fzNAwxv0nhriXUMLMvX0U_n_UMY_KmWwc7r Show response
dapperdiscussion.com/ 3 B
36 B 55ms
53ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2lxfGMmzC_fr0nLwOmFIMrH35AfWI1woAjLYvnaHmwJd_fzNAwxv0nhriXUMLMvX0U_n_UMY_KmWwc7r

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 23 Jun 2020 13:57:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
x-hostname: jane
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F%...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F...

0
528 B

25ms
25ms

Image
text/plain

23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1592920636485&ns_c=UTF-8&cv=3.5&c8=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:16 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 94ms
30ms Script
application/x-javascript 2600:9000:215d:c000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:15:49 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
age: 2503
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: FKoeMqAwkuDe2F31J-IqfL1q2E8XXb2IRgPDLM6PxDkg7rvjAcGrsw==
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
109 B 15ms
15ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200618&jk=770938372145107&bg=!ICOlIztY1C91axGBAWUCAAAAR1IAAAANmQGJ7b742-6ECHBJ15KpoyOXYr_CS76y78hOL7f8U7SXxoLlq02cengNxnOlb8UUorwLwO0fHCcDkf47_bM5DsepgV_Bi7scaJ3ZIW9NbfXfzDLP_-oAMJHuPPcPEy8F6P5hdYrYMi4buS31OFX2nfN-bjSI1msHvMiPWP37IOjswqOheePcdkqgA86CqAUwjxFmHcCy7hcTqQ30lPGNC9OYsSLKTuT3WQCNbrolP8i-bEjr2glTJpj4VqYLxTUWu-0s83ryIYWyR8B85DLtTT66ZpK_3bpYc6D5XxGgV3v1RGZ1AtLkZlYunRPrH2W8-qjxY1BUfuk8BPqcXSJs8VomFO-IfW1LqtOK7VN2jVhYo2ONaWCcFC1l2CWbmx7_elMOCUktp2mATjg6YVc-hINcHTt3tjF6CkG9FMZgI8J48sIdAf6mv-G1wcgRFvq78H-WshMF8w-RpNgqstahiPG9J5egteOZaMvspfeu2VYCqPKNlpMPkHbGFgfVNPHQys_e_8ZsJN_T8SYK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 270 B
747 B 348ms
120ms Script
text/javascript 34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: eea4366b5efe8c105639c72c6e3989b928aef241653b2a9e8d4bdfe4a0c25520

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 220
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 572ms
572ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

fdd803105d28099a8def23fb31da1e36c0ece01f807c4a95464f3f9a9e6e9183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12031
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=572011598;labels=keywords.Blackmail%2Ckeywords.Extortion%2Ckeywords.Ransom%2Ckeywords.Scam%2Ckeywords.Security%2Ckeywords.InfoSec%2Ckeywords.Computer%20Security%2Ctitle.Extortionists%20thre...
pixel.quantserve.com/ 35 B
371 B 33ms
29ms Image
image/gif 91.228.74.134
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=572011598;labels=keywords.Blackmail%2Ckeywords.Extortion%2Ckeywords.Ransom%2Ckeywords.Scam%2Ckeywords.Security%2Ckeywords.InfoSec%2Ckeywords.Computer%20Security%2Ctitle.Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks%2Ctitle.Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F;fpan=1;fpa=P0-646895558-1592920636610;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=bleepingcomputer.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1592920636609;tzo=-120;ogl=site_name.BleepingComputer%2Clocale.en_us%2Curl.https%3A%2F%2Fwww%252Ebleepingcomputer%252Ecom%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy%2Ctype.article%2Ctitle.Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks%2Cdescription.Scammers%20are%20targeting%20website%20owners%20with%20blackmail%20messages%20asking%20them%20to%20pay%2Cimage.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2020%2F06%2F12%2FRansom-Scam%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2020%2F06%2F12%2FRansom-Scam%252Ejpg%2Cimage%3Awidth.1280%2Cimage%3Aheight.450

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pubfig.messaging.2.1.2.js Show response
a.pub.network/core/ 196 KB
54 KB 43ms
42ms Script
text/html 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:16 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUlBJZd_IIznDV1-7TMgon0R8pA--c0aCiRz82Es6qqb7KlRUAiDpgmKoreqROctRh5-jPj9LltSstX-we7KFw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: text/html
cf-request-id: 03831115630000c29aa4184200000001
last-modified: Thu, 21 May 2020 18:48:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ZRmSfw==, md5=oZGx7bOBDSxrvXO/7RRFZw==
x-goog-generation: 1590086920350282
cache-control: private, max-age=1800
x-goog-stored-content-length: 200438
cf-ray: 5a7eb79bdaf2c29a-FRA
expires: Fri, 18 Jun 2021 23:28:57 GMT

GET
H2 200 checksync.php
hbx.media.net/ Frame 8A9A 0
0 55ms
54ms Document
text/html 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&https=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&https=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: visitor-id=2359222360306028000V10; Expires=Wed, 23 Jun 2021 13:57:16 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=28268
expires: Tue, 23 Jun 2020 21:48:24 GMT
date: Tue, 23 Jun 2020 13:57:16 GMT
content-length: 7173

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
472 B 535ms
143ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 8892ef2a828d567110621e27d5edb6117640cc698f92387baabf8b98a27dc52b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:17 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame A572 202 KB
55 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10490
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A572 16 KB
6 KB 49ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26384
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A572 97 KB
30 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10166
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A572 4 KB
2 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26399
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A572 48 KB
15 KB 54ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26384
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A572 4 KB
721 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:33:40 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:16 GMT

GET
DATA 200
OK truncated
/ Frame A572 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc5e2f7a3f4a5598cdb4d16dd342dbcda53bfd8db1696b2ccf1da6243f228165

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A572 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 15:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 81038
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 23 Jun 2020 15:26:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A572 295 B
404 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57836
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A572 0
0 30ms
29ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2YosPAryXoWfG96W3gPp_LTYCf26ie5diurssIEL3oq5wI0OEAEgx4P8AWD1lc6B4ASgAeT4i-MDyAEB4AIAqAMByAMKqgTBAk_Q4kFK4ooYJnHuLLNhjo7p5Z-jOOZ2KMLht-13do26Nw8RYR_py-rn4Idb6xC_CbYtjb_lCSN6sPRiqY20ig_ISm-oOEBcNVKr0H__2xKAG4r0kgGkuU7pgYogiI-S_opPy3pLbvQpRkzBlQ_GjdJQxDSMtwKUM4d7JuvlutGB8LDi5QnYDSuVXtj2CJLLbrD16SLceWdyEIU4Mj27q1v4rKXZQjc5sSaufuE9R_0qrxmAtc8ypkc-hpsubG_xMNHMrQTr_wJrXXyGKr_9n9PC2Q8Zbv92awuADvopsJfSNAL4xwVNrx7bzgHSH3brXC-KLK95j6tPbOrZGb7KXI65zD9HOUViu0z06ZkZ6K6XEqx5K4VIvFvJJjdgNAxrZyHCO5saq1fdxW7FIhYsJgy-G_9uFjHVJrWlq7gcI7SOlMAEkJfOk5QD4AQBgAeWgeUBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOfQB9IIBwiAYRABGB2ACgHICwHYEwOIFAI&sigh=QSrJpiHpnrc&tpd=AGWhJmvQz9iSWL1q61LucjolmzWbcfH8Z8XRlfWnv2UfwBrVAw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 3113 202 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10490
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3113 16 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26384
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3113 97 KB
29 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10166
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3113 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26399
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3113 48 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26384
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3113 7 KB
798 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:57:44 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3113 295 B
359 B 11ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57836
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/8576312518692240145/ Frame 3113 40 KB
40 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8576312518692240145/6592766407814317453

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00dca6bc8c7b24b1cbc3d590cc4cf5a41cd3ce378165f3eef1257987c486b8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 00:43:15 GMT
x-content-type-options: nosniff
age: 1257241
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40482
x-xss-protection: 0
last-modified: Fri, 17 May 2019 00:59:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 00:43:15 GMT

GET
DATA 200
OK truncated
/ Frame 3113 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3113 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6fe90201b6bec01211a67dd63611aeff450b2c7b4a9e21298993d126424e5bd

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 9C62 202 KB
55 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 9C62 16 KB
6 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 9C62 97 KB
29 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10167
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 9C62 4 KB
2 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26400
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 9C62 48 KB
15 KB 30ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C62 295 B
364 B 14ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 9C62 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d074bf70f383a1a6be5ebafede91a7c18e27df97408a0e9c7065a82450bf452

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame F608 202 KB
55 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F608 16 KB
6 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F608 97 KB
29 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10167
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F608 4 KB
2 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26400
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F608 48 KB
15 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F608 5 KB
761 B 23ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 13:08:12 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F608 5 KB
738 B 29ms
23ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:39:16 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F608 295 B
359 B 30ms
25ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame F608 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc911888903c69dd030449bbc5508b58c8414eb48fe71655450d70c64cead65d

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 1F36 202 KB
55 KB 21ms
3ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 1F36 16 KB
6 KB 20ms
2ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 1F36 97 KB
29 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10167
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 1F36 4 KB
2 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26400
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 1F36 48 KB
15 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F36 295 B
359 B 20ms
3ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 1F36 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc779acb5da26130dfd21920646b66cf481c2f9fa9475d9c46b0f0cb633e5d12

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3113 2 KB
3 KB 30ms
4ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3113 0
0 56ms
31ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmS6ePAryXpGgG96W3gPp_LTYCZewuO9diPb3zPMIloLNhYgWEAEgx4P8AWD1lc6B4ASgAZ_1i4wDyAEJ4AIAqAMByAMKqgTDAk_QM4v2S1K1vRkmXD4HVZkZPP79kW0Qe7ob7u03nX-D7E_KOyx7g9hKHEYvWpMmSPQZZYT6M08Ze_UiX4JIYj5iI1d3GU8HjtW3YVD3nar84jAK7VZwXmmLg5ZO3F_rjrRJgIDSKa2X90uz55pvmwyeDL1WadynEaGDkSoffsY6iuKiVhcscPFlrfsx5tHGnZrXU547a1X8WkCSmqObPCw1On53h51GJAB2-o0s1l7UAIFMLTb8AkhVHie5KwjBaB0MFhpmwelmpTZjzs_bbMj9luWirdQQExLpRYn9-csamV8W8jTSReQFZZMsRQ5kBIpZxzBJSq86qzNBXMO4iOn1o4TgGDh-790bhiV33yzf3y4LIa5T3hDkCRbVwbvx1e9YZ_NYbZDQFWJX8fy5Gh09GLgxs19BC7cp_RzF2QZwdNT1wATuuffvgwLgBAGSBQQIBBgBkgUECAUYBKAGLoAHyYr0c6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBD05gHSCAcIgGEQARgdgAoByAsB2BMMiBQB&sigh=r-94wlEOYBU&template_id=484&tpd=AGWhJmt4z2Ff82KqmrTpSb20OIYntDqZg_DseFOa6HKCFibb5Q
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 5439139057868061742
tpc.googlesyndication.com/simgad/ Frame 9C62 39 KB
40 KB 32ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:11:41 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Sep 2019 18:15:42 GMT
server: sffe
age: 1169136
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:11:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C62 2 KB
3 KB 29ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9C62 0
0 57ms
32ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr42APAryXpOhG96W3gPp_LTYCYmezu5dzbPx4JcLiZfiksgVEAEgx4P8AWD1lc6B4ASgAe-yluICyAECqQLKATOh5PWyPuACAKgDAcgDCKoEwgJP0HJe5yvramVANZYOecfcFV9Wp6EimmoYywomPzV8-ao_uPcKHcYSPWqjGeQTP-1meF052zLL8rVOgCID8-HDurbMrRFkOMpPeyZJIgBXKAN8wSCG1aeJzTEB8HEUcrD4SN9fa5xoPuKX_kEhZXSZUjDSOUugGsUsQbsgvau-YNbFVawCIXButyI2_eOXrZOIomgscuJyoP8d-it4pmAMqqLabj0pBemP4Xf19i7Ks8RPdBb9fkebZRC_yHVTLKEu3-z3Dgjjataknwiv4YwW4crvVl33i8xdHVlKwgWfYkeXyQQe5stzj3sV6inyrNSP2HTY2mgoL16zx0k9rwwlkMXF-BJsd0slYrsJrTo-OBR00StugNUGzet3ND00rHaWBg4GgtYsQh2REPrcZyrTbj7g4Du0Gz6XTm1aqmPqY35GwASEuoSHpwLgBAGSBQQIBBgBkgUECAUYBKAGAoAH-czpnQGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQqfMH0ggHCIBhEAEYHYAKAcgLAdgTDQ&sigh=otZ5QzhfqS4&tpd=AGWhJmuzDCiH2vVERt4ZbBk8nND5QKAt2bl7nSQet00aEG7mSA
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7004055140829198519/ Frame F608 9 KB
9 KB 31ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7004055140829198519/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4ql2kvrf5b55pjnbluEozQRlmPapjw

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b6f4a4d1548cffd1f829bf890b046a80108688114b6adf787415ac34849d4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 08:30:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 03:03:22 GMT
server: sffe
age: 19599
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9287
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:30:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6252502203365937885/ Frame F608 6 KB
6 KB 16ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6252502203365937885/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qlNEEvey1IK6JFeEWLiddNpgU11qg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf67b75cbbe817e0ef212d43a869f55003cc3a0b423d8c2536165d17c90b58ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 01:32:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 03:03:22 GMT
server: sffe
age: 44670
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5840
x-xss-protection: 0
expires: Wed, 23 Jun 2021 01:32:47 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F608 0
0 56ms
31ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHYi3PAryXqSiG96W3gPp_LTYCfbm-OZdqqC2woEMrsPp3Y4OEAEg2tfFOWD1lc6B4ASgAZiJqvsDyAEG4AIAqAMByAMKqgTGAk_QffAjo6IDepM4unfnAu54zcnGqgWvBQzGr_YEs8TMp4uIBS_KtC8fLZbN36ObDJMWR8kR9F1u96j3oSgVhubEFQG7O0V47GJ9HWIKsbri8mPRIV5q5iCx2MSJKVogd2QPZZUzohqIOp86KFR32vvc3J_g-MoR0QIol_QRTneNf4V2r89SwucKEG7oV6AZaNqjMG5b4YA6cKfdbkxlVEKsQ0uj2WgpHBeKQdjrE1-n5zFXJv7Vkn4NxmqJMhfbJ4WxqsIxmroRRnYKcoEqhcbq2T--m87t_J2idsPRIvta3GVV9_i4Zx7bMytkQBoINPIqlDRj9LW1kp3PXPO13jC84Cvh1XKbsgOXw4gGglMss5C9_BDPEezJkcLuLPTlYEu-aS7rb22-W82aNT3WTeyBJKevtnbS4HvCj__eHAmdhfIdB0WqwASIy8q2gAPgBAGSBQQIBBgBkgUECAUYBKAGN4AHuoTOZagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBC12wXSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoDyAsB2BMN&sigh=a7mzkQKsSRE&template_id=492&tpd=AGWhJmtgCdG5Lj9puZh4BN-_bIftMyQdBTCXfmyRhSBOl5mxsA
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F608 2 KB
3 KB 10ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 5439139057868061742
tpc.googlesyndication.com/simgad/ Frame 1F36 39 KB
39 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:11:41 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Sep 2019 18:15:42 GMT
server: sffe
age: 1169136
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:11:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F36 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1F36 0
0 56ms
32ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CitU8PAryXsSkG96W3gPp_LTYCYmezu5dzbPx4JcLiZfiksgVEAEgx4P8AWD1lc6B4ASgAe-yluICyAECqQLKATOh5PWyPuACAKgDAcgDCKoEwgJP0F_UKxpl8BFFB-V0Ez1dzT-6GgE_onBPp6ZzqrYLuBhj-ZMTrvdiMlWtA6dz1m7laWdXQRHPrx5UGc5-lh30dru18zA3s_eK8oATSP7w935bfZBcdVy0iMxRXm12V-dgpEdq6ukRG1CKKJ6du9f2DzAyZy1mINdC9uUKZXHJH06YFjaS0UWmvo5LNT2WsqDZDFqMnfyT5tagjhIMyV-AMhUTyjATvRhGhVKjMnGobpfXeMfanbbvKenUjhEbSv-m8ZIknQlQbt7JUF9AJte-kx3N6zxM1c1fGoRtyqfg9hBmVRtVE_wPg7_HECYCwSoqFZTGpZYR65HjVPepGhKqqGsMJXXrPs0k6Oxu2wFUGzpM0EsOAgWY2denFusfJdDa1CnwO6INWk5j68tYoqjC5rUu1KCaby_j2lXxInuMJOumwASEuoSHpwLgBAGSBQQIBBgBkgUECAUYBKAGAoAH-czpnQGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQkqcQ0ggHCIBhEAEYHYAKAcgLAdgTDQ&sigh=eQj3OAwz_Zk&tpd=AGWhJmve7Kgy9fyv2-1dIzbCejZ6CPpT_MWeeA11DcbZkKImeA
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame A572 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 08 Jun 2020 21:34:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 1268579
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:34:18 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame A572 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 00:08:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 1000139
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:08:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3113 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1121530
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3113 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 999455
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F608 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 926141
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F608 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Thu, 11 Jun 2020 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1012017
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:50:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 612F 202 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:02:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:02:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 612F 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 612F 97 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10167
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 11:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 11:07:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 612F 4 KB
2 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26400
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 612F 48 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26385
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 06:37:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jun 2021 06:37:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 612F 4 KB
698 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:55:00 GMT
server: ESF
date: Tue, 23 Jun 2020 13:57:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 13:57:17 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 612F 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 15:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 81039
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 23 Jun 2020 15:26:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 612F 295 B
359 B 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 612F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 569135d55841395b02a19dd2b8640469ed6af54cec8f9f4df1509f87c6959e3f

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 612F 0
0 46ms
37ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKisFPAryXoHTM6aH3gPV5I_4B6rqxNNUvIC85rUKwI23ARABINrXxTlg9ZXOgeAEoAHas-HwAsgBAakCZTIp75XDsT7gAgCoAwHIAwqqBMECT9DC93MkLD2AmyhaUOQIBOoWqoPLxhtjFLFEnqR_qV38WFnVOB0yEP9UACpqxX_3MOg8hWMdwhyM3FFWjgwTQOeJEj7mICEyolLMeWrdxWs1_iHv_EPRn0cwdun0raw-BDFTGYUGjbBGBwRteq2xPBPOYbz8gD22PN7GLNbKbDXrwOmVaHpXCciVVWBXLFIiOniNGfU89xnHomPxXs3ZWgnl3sRbsRMi-_XPmoFP1jgguRIhkHD-A6LJxnS4KiHblmLNQGUR4Y2dfPqeD0_2Wykgau0ZJTLuothP7O5H1U_ngbKKUsSOze52RoFCWnFuqpaWWchc7y6sajV-HG0H0sSfAGQBaYRqpQwu7s0Shz15oln_Jtu2FW8F7qykrCsY6O5R8B19kqluVUxbvVKwTyWMiHev8hIsQ25wFqlVver9wAS30f3k-AHgBAGSBQQIBBgBkgUECAUYBKAGUYAHjsyejwGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ_sEM0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTCg&sigh=Mdz_NhV_X8E&tpd=AGWhJmvAZOvUCK8MocVxHd9ZrYuHkm0EA8SDLFTEUGftUS5gnQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 720 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A572
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
41ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Jun 2020 13:57:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9C62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Jun 2020 13:57:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F608
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
39ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Jun 2020 13:57:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1F36
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Jun 2020 13:57:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 124ms
124ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 8892ef2a828d567110621e27d5edb6117640cc698f92387baabf8b98a27dc52b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:17 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 612F 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 08 Jun 2020 21:34:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 1268579
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:34:18 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 612F 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 12 Jun 2020 00:08:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 1000139
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:08:18 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/ 20 KB
7 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7591393ec621a60edd177905f4d609a62ddbfc892c3ecb884f83b9e310459fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
server: sffe
date: Tue, 23 Jun 2020 13:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "d1aa8d192e7a5e2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jun 2020 13:57:17 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A572 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 15:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 81039
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 23 Jun 2020 15:26:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A572 295 B
359 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3113 2 KB
3 KB 6ms
4ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3113 295 B
359 B 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 5439139057868061742
tpc.googlesyndication.com/simgad/ Frame 9C62 39 KB
39 KB 11ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:11:41 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Sep 2019 18:15:42 GMT
server: sffe
age: 1169136
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:11:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C62 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C62 295 B
359 B 7ms
3ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7004055140829198519/ Frame F608 9 KB
9 KB 11ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b6f4a4d1548cffd1f829bf890b046a80108688114b6adf787415ac34849d4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 08:30:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 03:03:22 GMT
server: sffe
age: 19599
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9287
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:30:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6252502203365937885/ Frame F608 6 KB
6 KB 10ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf67b75cbbe817e0ef212d43a869f55003cc3a0b423d8c2536165d17c90b58ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 01:32:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 03:03:22 GMT
server: sffe
age: 44670
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5840
x-xss-protection: 0
expires: Wed, 23 Jun 2021 01:32:47 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F608 2 KB
3 KB 11ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F608 295 B
359 B 11ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2 200 5439139057868061742
tpc.googlesyndication.com/simgad/ Frame 1F36 39 KB
39 KB 8ms
4ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:11:41 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Sep 2019 18:15:42 GMT
server: sffe
age: 1169136
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:11:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F36 2 KB
3 KB 12ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 51800
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F36 295 B
359 B 12ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 612F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Jun 2020 13:57:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CEF2 160 B
1020 B 21ms
21ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c74906851e51d6bf5d282545c33cb2ace5d2a5e91dda9ed9eacc045ef5f091a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid: ff7e2ab4-74f6-461f-bd51-f1a885f12554
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame CEF2 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d69eb0c4b5d9482e6bab4d38289dc6c11a55fe378927d689d962d83821eca47f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:17 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame CEF2 0
316 B 120ms
33ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1592920637734&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Jun 2020 13:57:17 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame CEF2 1 KB
2 KB 150ms
77ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%229d1f746a%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=9d1f746a-a154-4ba9-9d0f-8282226f7776&pv=9d1f746a-a154-4ba9-9d0f-8282226f7776&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

953b489bdcb537d93995a4c2ae001f0c3c89cccd50591690c05a40faf815ad96

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:17 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 584
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CEF2 166 B
1 KB 106ms
105ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

04752f6faab353d1207c2b6d5565220b9589b4c0d0cef4fee09d142ab60df42c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid: b0a6e55a-0c75-48d0-966b-870a51478cad
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 612F 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 15:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 81039
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 23 Jun 2020 15:26:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 612F 295 B
359 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57837
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Jun 2020 21:53:20 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 124ms
124ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 8892ef2a828d567110621e27d5edb6117640cc698f92387baabf8b98a27dc52b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:17 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame CEF2 0
217 B 1222ms
44ms XHR
text/plain 54.246.177.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=9d1f746a&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.177.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-177-21.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame CEF2
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2&google_hm=MTVhMzFiYmQtMGMwZi00YjcwLWFiMWYtZjRmZTgzOWY5MWMy
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE2_Gwy3VYro6BfAgKI15QY&google_cver=1&ssp=sonobi&bsw_param=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2

49 B
903 B

172ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 23 Jun 2020 13:57:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=15a31bbd-0c0f-4b70-ab1f-f4fe839f91c2
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame CEF2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=e0b927e3-48bc-4d4e-b2ce-eff3d25b6123&pubid=db8d61494a

49 B
840 B

25ms
25ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=e0b927e3-48bc-4d4e-b2ce-eff3d25b6123&pubid=db8d61494a

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:19 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=e0b927e3-48bc-4d4e-b2ce-eff3d25b6123&pubid=db8d61494a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET

rtset
bh.contextweb.com/bh/ Frame CEF2
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f41c25fb-8800-4a29-a013-2482b6991358&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZEtIVXhDTV9BSGVDcVBrTzNZZlhTQQ&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=ZEtIVXhDTV9BSGVDcVBrTzNZZlhTQQ&gdpr=&gdpr_consent=&google_tc=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKdt--NNeXL_G7RzdlAfjWI&google_cver=1

0
0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame CEF2
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b9535ef2-0a3d-4a00-8f65-b7a1881c9c62

49 B
903 B

228ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b9535ef2-0a3d-4a00-8f65-b7a1881c9c62

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Jun 2020 13:57:17 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b9535ef2-0a3d-4a00-8f65-b7a1881c9c62
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Jun 2020 13:57:16 GMT

GET

RX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003
sync.targeting.unrulymedia.com/csync/ Frame CEF2
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939897124
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939897124
https://sync.1rx.io/usersync/tradedesk/e0b927e3-48bc-4d4e-b2ce-eff3d25b6123
https://sync.targeting.unrulymedia.com/csync/RX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-2eb3d09b-841a-4e9a-8d6a-87d...

0
0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame CEF2
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1041527798479577882

49 B
781 B

184ms
25ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1041527798479577882

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1041527798479577882
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame CEF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZjQxYzI1ZmItODgwMC00YTI5LWEwMTMtMjQ4MmI2OTkxMzU4
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMyehBo7CAZUsgx6vv3lCw8&google_cver=1

49 B
792 B

205ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMyehBo7CAZUsgx6vv3lCw8&google_cver=1

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:17 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMyehBo7CAZUsgx6vv3lCw8&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A572 0
0 30ms
30ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0gZQPAryXoWfG96W3gPp_LTYCf26ie5diurssIEL3oq5wI0OEAEgx4P8AWD1lc6B4ASgAeT4i-MDyAEB4AIAqAMBqgTBAk_Q4kFK4ooYJnHuLLNhjo7p5Z-jOOZ2KMLht-13do26Nw8RYR_py-rn4Idb6xC_CbYtjb_lCSN6sPRiqY20ig_ISm-oOEBcNVKr0H__2xKAG4r0kgGkuU7pgYogiI-S_opPy3pLbvQpRkzBlQ_GjdJQxDSMtwKUM4d7JuvlutGB8LDi5QnYDSuVXtj2CJLLbrD16SLceWdyEIU4Mj27q1v4rKXZQjc5sSaufuE9R_0qrxmAtc8ypkc-hpsubG_xMNHMrQTr_wJrXXyGKr_9n9PC2Q8Zbv92awuADvopsJfSNAL4xwVNrx7bzgHSH3brXC-KLK95j6tPbOrZGb7KXI65zD9HOUViu0z06ZkZ6K6XEqx5K4VIvFvJJjdgNAxrZyHCO5saq1fdxW7FIhYsJgy-G_9uFjHVJrWlq7gcI7SOlMAEkJfOk5QD4AQBgAeWgeUBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOfQB9IIBwiAYRABGB2ACgHICwHYEwOIFAI&sigh=aOfQp81x5EM&vt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A572 42 B
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugc9UwKKa4ynO9I7vqwnPqxwFIh2lmPjiJ_mh1TKel0I3qO9PZ2_9dqdgyFXR3fyqvFKtI4YKrcBZhwzI1WtKD5somX5VyZgY-nO_FgmuTb2vhyaEJ301P4hQ&sai=AMfl-YQH2nAx8P2R58aHOGdg4H_jc15-h7nOHoJweMf4_PkSMIXBkP-VtN87U9PLcpthAxJOy2ftGLR_S2jhDz6QmvmVfMtAlVt3UiFqVNZ5&sig=Cg0ArKJSzN8SCQmWA4snEAE&id=ampim&o=436,146&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=437&tls=1437&g=100&h=100&tt=1437&r=v&avms=ampa&adk=960084856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 612F 42 B
107 B 15ms
15ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN29ZZQ06aiYEF1v9YRGMw8L6q6-sybbuONPtXUoKMCX0PmNzMmuZ6sJNMjHGIgX8M2CW0Crdl9auSB_q1Ff7NqRUQNSBp9CahZlkx-92yh98oIx4wnVKfG_0&sai=AMfl-YSDFhVkUcESPNA0dnrXbZf6laUzJreKWBuho-odPBwp5e6rwX1mzDx5HeqPGp_YKzX7Zk2Qq-Cg00Es6frw0z8NJ8g-Elr8YEiMXDl9FA&sig=Cg0ArKJSzM-otmLPS5TnEAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=151&tls=1151&g=100&h=100&tt=1151&r=v&avms=ampa&adk=3056404191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 193A 2 KB
1 KB 43ms
43ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1b370f8d3f7387b086d15fc9214622db1b35da4658fd702e4b96898fc7ab0d77

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:57:18 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 861

GET
H2 200 vpaid_c23da234.js Show response
vpaid.springserve.com/production/ Frame F790 494 KB
113 KB 252ms
252ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117739f2fc09e108216046527c52e7d473e75265ee7db8af52f42908bf20fcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:19 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 13:33:42 GMT
server: AmazonS3
x-amz-request-id: 039BCE32F31EBA35
etag: "e93bc836bba2a072a5f050b8863b8319"
x-hw: 1592920638.dop161.fr8.t,1592920638.cds108.fr8.hn,1592920639.cds073.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2543697
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115255
x-amz-id-2: wWsIeAoXb/7bRAOOevxzOWQco3SLVPV181WbYYisAfj/O/0coOCHGX/UW+vP9uiXfDGz/FKpHLk=

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F790 160 B
866 B 21ms
21ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

66032fa7a59a95e29fe4126ee8fb861cf1ae70a2a286764bb6155fed259be6a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:21 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid: 9083f1bc-59a0-457c-ae19-5183ab7a5104
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F790 150 B
340 B 12ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 44ea18dee59aadb697f0dd2a2919b33321429a24dd65f7720db44c9cf2c681b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:19 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame F790 0
316 B 52ms
51ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1592920639230&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Jun 2020 13:57:18 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F790 1 KB
2 KB 87ms
87ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%223dd4be23%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=3dd4be23-9d53-4d35-aa92-08584981e4d3&pv=3dd4be23-9d53-4d35-aa92-08584981e4d3&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e68b8aa98b8226bc9c0006ea5642ecf65bec07fa8e4269a85939919458049504

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 582
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F790 160 B
866 B 26ms
26ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

69c9b95ffc068723a3093b065a59bac94373eb0a504b2de208fd47abee537f90

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:21 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.178:80
AN-X-Request-Uuid: 7b8be52f-7808-4495-88be-dc1caeeda6d6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e875ef92-2129-47e8-bf9b-e521e6741a34
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e875ef92-2129-47e8-bf9b-e521e6741a34
https://x.bidswitch.net/sync?dsp_id=4&user_id=9e6af0a3-76ba-447b-883e-e283009bfafb&ssp=sonobi&expires=30&user_group=5&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

49 B
840 B

25ms
25ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 23 Jun 2020 13:57:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=db8d61494a&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=05b4e9a6-1931-4111-bf25-e7b15074bef8&pubid=db8d61494a

49 B
840 B

24ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=05b4e9a6-1931-4111-bf25-e7b15074bef8&pubid=db8d61494a

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:19 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=05b4e9a6-1931-4111-bf25-e7b15074bef8&pubid=db8d61494a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]&mm_bnc&mm_bct&UUID=be155ef2-0a3e-4400-a563-8d2a93a353fd
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=be155ef2-0a3e-4400-a563-8d2a93a353fd

49 B
840 B

27ms
26ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=be155ef2-0a3e-4400-a563-8d2a93a353fd

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=be155ef2-0a3e-4400-a563-8d2a93a353fd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Jun 2020 13:57:18 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4442914089
https://sync.1rx.io/usersync/tradedesk/05b4e9a6-1931-4111-bf25-e7b15074bef8
https://sync.targeting.unrulymedia.com/csync/RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4567d9b4-88aa-484e-8a02-6e8...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

49 B
847 B

24ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Jun 2020 13:57:20 GMT
Server: nginx
ETag: RX4567d9b488aa484e8a026e8f39c19cc4003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1582241218440847997

49 B
777 B

24ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1582241218440847997

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1582241218440847997
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame F790 0
217 B 44ms
44ms XHR
text/plain 54.246.177.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=3dd4be23&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.177.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-177-21.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0167fe57-2e6e-4898-a698-a9643e496519&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

49 B
707 B

24ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b7d6786d5-p678s
expires: -1

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame F790
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDE2N2ZlNTctMmU2ZS00ODk4LWE2OTgtYTk2NDNlNDk2NTE5
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKqh_3CHNtllr8WqGY-D-SE&google_cver=1

49 B
788 B

25ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKqh_3CHNtllr8WqGY-D-SE&google_cver=1

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:19 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKqh_3CHNtllr8WqGY-D-SE&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 193A 2 KB
1 KB 43ms
43ms XHR
application/xml 52.50.72.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.72.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-72-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8fa31c510effa7473eb3a0828e56803c1baccc72ec5541bd66eb7e245d369e00

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 13:57:19 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 859

GET
H2 200 vpaid_c23da234.js Show response
vpaid.springserve.com/production/ Frame A95D 494 KB
113 KB 8ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117739f2fc09e108216046527c52e7d473e75265ee7db8af52f42908bf20fcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 13:57:19 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 13:33:42 GMT
server: AmazonS3
x-amz-request-id: 039BCE32F31EBA35
etag: "e93bc836bba2a072a5f050b8863b8319"
x-hw: 1592920639.dop161.fr8.t,1592920639.cds108.fr8.hn,1592920639.cds073.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2543697
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115255
x-amz-id-2: wWsIeAoXb/7bRAOOevxzOWQco3SLVPV181WbYYisAfj/O/0coOCHGX/UW+vP9uiXfDGz/FKpHLk=

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A95D 160 B
865 B 21ms
21ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8c6a3015fbfd2cb6c00d22fb2ce9d197d4034727a76d94501eb0540cee8ad003

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:21 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid: a0ac1641-aae5-498b-a191-bffe9c7d225e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A95D 150 B
340 B 12ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: eeba52faae8a2c59e8ab19d238cb68f48246d19d6ce678515e31cd464b8a58b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 13:57:19 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame A95D 0
316 B 42ms
42ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1592920639456&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Jun 2020 13:57:18 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A95D 493 B
1 KB 99ms
98ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22c1f8b8e0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=c1f8b8e0-7fdb-47fc-9dee-8ba00f47fb46&pv=c1f8b8e0-7fdb-47fc-9dee-8ba00f47fb46&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d41de9899e332ab82a5baeea6b46edc20b2e863e01cce36421e9ec94ffd4988a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 348
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A95D 160 B
866 B 23ms
23ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3100d1ba41f7b830697f3bb2efe2e8cfa0299ab13f2aabeb0b23f29a49153c95

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:21 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid: 0edc6054-4499-484f-8a3c-a65d02c7c35b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame A95D
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34&google_hm=ZTg3NWVmOTItMjEyOS00N2U4LWJmOWItZTUyMWU2NzQxYTM0
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKfJAfexIc_mRTIMwh-U0Uw&google_cver=1&ssp=sonobi&bsw_param=e875ef92-2129-47e8-bf9b-e521e6741a34
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

49 B
731 B

25ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 23 Jun 2020 13:57:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e875ef92-2129-47e8-bf9b-e521e6741a34
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame A95D
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=0167fe57-2e6e-4898-a698-a9643e496519&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

49 B
707 B

25ms
24ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=fa7jTyLqZION
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b7d6786d5-p678s
expires: -1

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame A95D
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&rndcb=7724772278
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor
https://x.bidswitch.net/sync?dsp_id=70&user_id=2302711733231580052&ssp=adconductor
https://sync.1rx.io/usersync/bidswitch/e875ef92-2129-47e8-bf9b-e521e6741a34?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-4567d9b4-88aa-484e-8a02-6e8...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

49 B
738 B

27ms
26ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 13:57:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Jun 2020 13:57:20 GMT
Server: nginx
ETag: RX4567d9b488aa484e8a026e8f39c19cc4003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4567d9b4-88aa-484e-8a02-6e8f39c19cc4-003
Connection: keep-alive
Content-Type: text/html

POST
H/1.1 200
OK i Show response
vid-io-dub.springserve.com/vd/ Frame A95D 0
217 B 45ms
45ms XHR
text/plain 54.246.177.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=c1f8b8e0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_c23da234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.177.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-177-21.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 193A 0
265 B 133ms
132ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:20 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
Content-Length: 0
Content-Type: multipart/form-data

POST
H2 200 v2qqqKIyznZj7x1Jt4Gm8FpJBtzVJQP_WiyNSWUDeNa68NnlJmmSTqMIaEH6I1mmBECzY-bPuPw9Zp_zY Show response
dapperdiscussion.com/ 194 B
277 B 43ms
43ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dapperdiscussion.com/v2qqqKIyznZj7x1Jt4Gm8FpJBtzVJQP_WiyNSWUDeNa68NnlJmmSTqMIaEH6I1mmBECzY-bPuPw9Zp_zY

Requested by

Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

9965f795fc289880266b446905901a92fa25c228d458172e2ca029b842ae2091

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 23 Jun 2020 13:57:21 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: jane
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 194
expires: Tue, 23 Jun 2020 13:57:20 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 193A 0
279 B 132ms
132ms XHR
multipart/form-data 3.132.125.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/25993/connatix.playspace.dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.125.47 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-125-47.us-east-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 23 Jun 2020 13:57:22 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.15.8.2
Connection: keep-alive
transfer-encoding: chunked
Content-Type: multipart/form-data

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 380B
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---

0
0

31ms
31ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=b816b88b-9c2d-0c7e-2d88-67be050312cc|1592920642
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=b816b88b-9c2d-0c7e-2d88-67be050312cc|1592920642; Version=1; Expires=Wed, 23-Jun-2021 13:57:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592920642|mOgqgikin0fcvNmWiygu; Version=1; Expires=Wed, 08-Jul-2020 13:57:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 23 Jun 2020 13:57:22 GMT
content-type: text/html
content-length: 532
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=b816b88b-9c2d-0c7e-2d88-67be050312cc|1592920642; Version=1; Expires=Wed, 23-Jun-2021 13:57:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
date: Tue, 23 Jun 2020 13:57:22 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 iframe
mantodea.mantisadnetwork.com/prebid/ Frame C5F3 0
0 153ms
152ms Document
text/html 52.20.31.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1592920636247&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.31.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-31-155.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?tz=-120&buster=1592920636247&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
date: Tue, 23 Jun 2020 13:57:22 GMT
content-type: text/html; charset=utf-8
content-length: 332
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"14c-9r5Bjy6XDsnlA90RhdhNIIvVOvI"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A6C5 0
0 84ms
26ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 23 Jun 2021 13:57:22 GMT
Date: Tue, 23 Jun 2020 13:57:22 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 6333 0
0 92ms
30ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9233
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=77439
Expires: Wed, 24 Jun 2020 11:28:01 GMT
Date: Tue, 23 Jun 2020 13:57:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame B169 0
0 141ms
82ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=34897
Expires: Tue, 23 Jun 2020 23:38:59 GMT
Date: Tue, 23 Jun 2020 13:57:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sync
eb2.3lift.com/ Frame F820
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

0
0

19ms
18ms

Document
text/html

35.157.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.99.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-99-11.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=17001917279495842622
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
date: Tue, 23 Jun 2020 13:57:22 GMT
content-type: text/html; charset=utf-8
content-length: 457
set-cookie: sync=CgoIgQIQ-6jgi64uCgoIoQEQ-6jgi64uCgoI4gEQ-6jgi64uCgoI5gEQ-6jgi64uCgoI1gEQ-6jgi64uCgoIhwIQ-6jgi64uCgkIOhD7qOCLri4KCQgLEPuo4IuuLgoJCF8Q-6jgi64uCgkIHxD7qOCLri4=; Max-Age=7776000; Expires=Mon, 21 Sep 2020 13:57:22 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=17001917279495842622; Max-Age=7776000; Expires=Mon, 21 Sep 2020 13:57:22 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Tue, 23 Jun 2020 13:57:22 GMT
content-length: 0
set-cookie: tluid=17001917279495842622; Max-Age=7776000; Expires=Mon, 21 Sep 2020 13:57:22 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?us_privacy=1---&&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 525A 0
0 35ms
33ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:22 GMT
set-cookie: __cfduid=d0d0644b4af4caaa3272b5e4327fb37c31592920642; expires=Thu, 23-Jul-20 13:57:22 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0383112c490000cc4e58aac200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5a7eb7c079eacc4e-ZRH

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame FDAE 0
0 100ms
64ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 23 Jun 2021 13:57:22 GMT
Date: Tue, 23 Jun 2020 13:57:22 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame BB4F 0
0 30ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=b816b88b-9c2d-0c7e-2d88-67be050312cc|1592920642
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=b816b88b-9c2d-0c7e-2d88-67be050312cc|1592920642; Version=1; Expires=Wed, 23-Jun-2021 13:57:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592920642|mOgqgikin0fcvNmWiygu; Version=1; Expires=Wed, 08-Jul-2020 13:57:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 23 Jun 2020 13:57:22 GMT
content-type: text/html
content-length: 532
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 67F7 0
0 23ms
22ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 204
date: Tue, 23 Jun 2020 13:57:22 GMT
set-cookie: __cfduid=d0d0644b4af4caaa3272b5e4327fb37c31592920642; expires=Thu, 23-Jul-20 13:57:22 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0383112c6f0000cc4e58ab1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5a7eb7c0bab5cc4e-ZRH

GET
H2 200 iframe
mantodea.mantisadnetwork.com/prebid/ Frame 9201 0
0 116ms
115ms Document
text/html 52.20.31.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1592920636527&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.31.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-31-155.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?tz=-120&buster=1592920636527&secure=true&version=9&mobile=false&uuid=cdf1ecdc-b7e9-495f-8d47-efdbabc16501&title=Extortionists%20threaten%20to%20destroy%20sites%20in%20fake%20ransom%20attacks&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

status: 200
date: Tue, 23 Jun 2020 13:57:22 GMT
content-type: text/html; charset=utf-8
content-length: 332
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"14c-9r5Bjy6XDsnlA90RhdhNIIvVOvI"

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7AF4 0
0 143ms
40ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.11.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=34897
Expires: Tue, 23 Jun 2020 23:38:59 GMT
Date: Tue, 23 Jun 2020 13:57:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=3.11.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fextortionists-threaten-to-destroy-sites-in-fake-ransom-attacks%2F&tmax=1200&gdpr=false&us_privacy=1---

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKdt--NNeXL_G7RzdlAfjWI&google_cver=1

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-2eb3d09b-841a-4e9a-8d6a-87d916c35678-003

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	info	URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js(Line 1) Message: %cPubfig background: #00C389; color: #fff; border-radius: 3px; padding: 3px pubfig.messaging.js - Init ========== LOADING MESSAGING ==========
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.bleepingcomputer.com/news/security/extortionists-threaten-to-destroy-sites-in-fake-ransom-attacks/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C0gZQPAryXoWfG96W3gPp_LTYCf26ie5diurssIEL3oq5wI0OEAEgx4P8AWD1lc6B4ASgAeT4i-MDyAEB4AIAqAMBqgTBAk_Q4kFK4ooYJnHuLLNhjo7p5Z-jOOZ2KMLht-13do26Nw8RYR_py-rn4Idb6xC_CbYtjb_lCSN6sPRiqY20ig_ISm-oOEBcNVKr0H__2xKAG4r0kgGkuU7pgYogiI-S_opPy3pLbvQpRkzBlQ_GjdJQxDSMtwKUM4d7JuvlutGB8LDi5QnYDSuVXtj2CJLLbrD16SLceWdyEIU4Mj27q1v4rKXZQjc5sSaufuE9R_0qrxmAtc8ypkc-hpsubG_xMNHMrQTr_wJrXXyGKr_9n9PC2Q8Zbv92awuADvopsJfSNAL4xwVNrx7bzgHSH3brXC-KLK95j6tPbOrZGb7KXI65zD9HOUViu0z06ZkZ6K6XEqx5K4VIvFvJJjdgNAxrZyHCO5saq1fdxW7FIhYsJgy-G_9uFjHVJrWlq7gcI7SOlMAEkJfOk5QD4AQBgAeWgeUBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOfQB9IIBwiAYRABGB2ACgHICwHYEwOIFAI&sigh=aOfQp81x5EM&vt=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
admiral.mgr.consensu.org
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
as-sec.casalemedia.com
backend.upapi.net
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.districtm.io
cdn.firstimpression.io
cds.connatix.com
cm.g.doubleclick.net
cse.google.com
d.pub.network
dapperdiscussion.com
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
ef4053e46eb26f687944052b89a35efa.safeframe.googlesyndication.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
img.connatix.com
jadserve.postrelease.com
m.addthis.com
mantodea.mantisadnetwork.com
match.adsrvr.org
mrb.upapi.net
p.rfihub.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
s.ntv.io
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
v1.addthisedge.com
vendorlist.consensu.org
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
x.bidswitch.net
z.moatads.com
bh.contextweb.com
s7.addthis.com
sync.targeting.unrulymedia.com
tlx.3lift.com
104.111.230.142
104.16.190.66
104.20.59.209
104.26.12.6
13.226.146.86
130.211.23.194
151.101.114.217
172.217.18.162
172.217.18.166
172.217.18.2
178.162.133.149
178.162.133.150
18.185.145.245
18.196.104.43
185.29.133.199
185.3.92.12
185.31.128.129
185.64.189.112
198.148.27.140
199.232.53.140
2.21.36.164
2001:4de0:ac18::1:a:3a
212.71.236.31
213.19.147.150
23.210.249.164
23.210.249.83
23.210.249.92
23.210.250.13
23.210.250.213
23.42.18.223
2600:9000:215d:c000:6:44e3:f8c0:93a1
2600:9000:2182:a200:1:af78:4c0:93a1
2606:4700:20::681a:18b
2606:4700:20::681a:246
2606:4700:20::681a:832
2606:4700:20::ac43:464d
2a00:1450:4001:802::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:814::200e
2a00:1450:4001:816::2001
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:820::2002
2a00:1450:4001:821::2003
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
3.120.7.164
3.132.125.47
34.234.137.236
35.157.99.11
35.158.189.107
35.188.71.214
35.190.64.11
35.190.76.239
35.226.36.58
35.244.159.8
37.157.6.245
37.252.172.36
52.20.31.155
52.212.184.249
52.50.72.216
52.95.118.60
54.246.177.21
54.77.255.184
69.173.144.140
72.247.224.27
91.228.74.134
00dca6bc8c7b24b1cbc3d590cc4cf5a41cd3ce378165f3eef1257987c486b8f3
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
04752f6faab353d1207c2b6d5565220b9589b4c0d0cef4fee09d142ab60df42c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c74906851e51d6bf5d282545c33cb2ace5d2a5e91dda9ed9eacc045ef5f091a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
117739f2fc09e108216046527c52e7d473e75265ee7db8af52f42908bf20fcec
127a50257b5711515827190b313b8b559cd873a605b003c03dd97713c10085b1
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
15169e49855625ddd428c9b56f6762cc89529e1b024e64d7c263feba6a991bc2
187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1b046225f4059631f870494a82262e305233c975a7ea4e218d04d22b39ef887f
1b370f8d3f7387b086d15fc9214622db1b35da4658fd702e4b96898fc7ab0d77
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1dcf7182e1b8c45dae01056bec964bbd48992a1dcaec0fae9319a3fd08368833
1e9322d90411989f7e09ef5ad4a3465d6cb97c77741d1030b254cd50d7c7ffe5
1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
23aca4890fe8b2728dcab78ee9f3b9614cd6cdb0dab2b785d2f8d2d666247cac
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
2ea801daae81cc1c23f014e594c5693a17d0a4fe444f4b51a3da9a004ddb001b
2ed3b50047822a7f2393f8cea0fb241e17a74ab9bc8ad9a2346a344ae58a207a
2f1ac0a35a3442b524f8f9f96d7886d14a1e6d6e7ec30bcc7c6b1571cb069207
3100d1ba41f7b830697f3bb2efe2e8cfa0299ab13f2aabeb0b23f29a49153c95
319d3877902c8eed09d48b4e37e53804c8326db2da868010be800e900936d707
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
321b8305677fbee301d8fdeb8dd5d8e8266790b6a7212de40d998a00e3a5fbf2
323c863a0e85f938df3549f53983dd34f36ea020b99eb1a6a5b945d5e3903a84
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
34c781e5d927d5fabf19060992bbd8c112f93d06f56fa0ee0c81aaef622aa30f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012
3696fd70881127647cc155920bd934a5985868fcf627b2ffc3d3c14ef74e87f2
3b735e5df415c4fafb83b42065a8786df54187f241be0c8225ec7ce5067ad0ea
3c0aaf1ce898063554617c6bb067d408aab0ecc7b34bce29f82fd8c14bc75e3f
423c05652d1edc528c6d81f141132a47de25be942448d437b93bc8c7f2f1148f
444f7a36da2965ec54bdbd35ccec4eab71b7b3e2e27fac09540a15750faecf01
44ea18dee59aadb697f0dd2a2919b33321429a24dd65f7720db44c9cf2c681b5
489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87
49e01c7a11f0777ab698753c67088cf66859973c8108fcd01b34e937f202b9a1
4ceba3cc609ad8cc0e38c894672d63a3471cb5bba40bacd1d6e5fd9dbf7f0472
4cebc8a84fdd0c120a78ed97d69053358ebf3ce3d31df0706d9bf7d02b65a8c5
4d082065c49e67c7e6201995c2f778ddbe5f96b25f1ce2e2d6a5b255672680dd
4d985f98771f21adbc91c33c8caf625c2bc956156761cb7234ea4ea38d63d3f4
4de7b847498d7c287a8c05c50b73d3e25af4bba47dc6d8dad08b3bf0b4bb40d9
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
52da5dad0aa4f2c20e70f81f4c743bd49779462c3b892614103acc33f28bb740
53f32a3f9ed33b84735045901bb258ebef3ce520a249eb8f3642055f1fb9fd52
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
546fa15bf6ac914544a577be9b929d728a11b023edd89bb4d8ffba6bf25533fe
569135d55841395b02a19dd2b8640469ed6af54cec8f9f4df1509f87c6959e3f
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d88c6a9ea4370abd8360a86f75308b72819b8e91f78e8d7a1455b3b4a74f8c1
62b0c20e7f2a4bc1d5e021c345adc7d88f48c331e0296116fa3c3764aa9eaa2d
630b0770781da86c09577621a39b452a07795a802264375def95d647bd078830
6456a5d69b8520473cde2ac6e246ac9ff72fd1e7f2f7413ee79164cd3ca5998a
66032fa7a59a95e29fe4126ee8fb861cf1ae70a2a286764bb6155fed259be6a6
6656b1a9e80abf769b5dc7dea7f8eb9d30c78f26e4555834d494b444c9b0f9d3
67535cf381b2f571935e81fcb79fed2f758b47e956d1feb944369e798bf7be1c
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1
69c9b95ffc068723a3093b065a59bac94373eb0a504b2de208fd47abee537f90
6aff88f7a0a5ca7b55e77e549988c0b67946262005b7defcbcb19613cbc41845
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
740b9349515e8654f3f585a90c07bea80b01b6882d548cf23e259277313a94c1
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7b6f4a4d1548cffd1f829bf890b046a80108688114b6adf787415ac34849d4fb
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c776971a06ee00b4a5d8dec4538712721a8593f5591f625b8316fc521a7500
812db7098ab07e4c8a7eafc8b2a55690f1150df98192690709d59eff6a8f973e
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848e6d819c590da4737acecc0199ef01e2ffe0c58d841c16a7542fbaa934666d
8491d89ba3e218f935be65d6b3f2cedb89a92e10829a21ba5e19646fe3267d29
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87d0ffd2d65e940b1dc02cd1d2a7c8c3624ee6aae5949a29d6d272bb80594743
8892ef2a828d567110621e27d5edb6117640cc698f92387baabf8b98a27dc52b
8c6a3015fbfd2cb6c00d22fb2ce9d197d4034727a76d94501eb0540cee8ad003
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fa31c510effa7473eb3a0828e56803c1baccc72ec5541bd66eb7e245d369e00
919dd3b441996ed0307b49aa015fd3a645f4426beb4953ffda40df688244916b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
953b489bdcb537d93995a4c2ae001f0c3c89cccd50591690c05a40faf815ad96
9542d2b619287550fa7b710e753041143fe5c0fffe1411171e91de6db40e0f50
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
9965f795fc289880266b446905901a92fa25c228d458172e2ca029b842ae2091
99d1979045ca288b36f4a4fa6db2a8b9cfa55aaed6e8d7e2c2973c1fa19997ed
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d074bf70f383a1a6be5ebafede91a7c18e27df97408a0e9c7065a82450bf452
9f63b491b5321bceca8c83581735228bb5002d3fe688a2c0fbc73a5dd9b535fc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c97714c72fd99a733682ab5f360af9e20d5cf51e2936c1a227f25e89c5d54f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2becc925e5d0b5cf843422ae023206fc40ea8651e884962d59f539ec6f00d4c
a4774a2e958e25421167fdf9534a8b518b2beac5aff94942deff7b8da6ce9752
a4e4a93e4a9fb48a74c82bcafe12ba946e478ac750ca0219b13f3a0f66fa2035
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a872aef195648d803861d99b96544d0b7b28c0ffa5a5b8375705fb2554a14fdc
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab71b632d62458a0ba73b63656f90be6eccdd1c569f9c0bec49518117e99efbb
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b78bac35da050605e5e4544ba1e6642915ba0a5b05afcf9b70ac22e1e0d060a4
b7bcd20a9591f7be4aa4102011d388e2197eac3f10827eebb82562501a78fed9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc779acb5da26130dfd21920646b66cf481c2f9fa9475d9c46b0f0cb633e5d12
bdf16308c9560c6bd794d345f82cf7df2ab1b7ddeec75d3bdd37ef169db81ece
befee3f1747c13b9f237cc37db0fc31232e15d30133e1b93b2e05ea84e09e3d2
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c0135f6cfd95036a1a3352e5e592de2e6ce738830a42f2f0ab2bdf5a8c6e9635
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf67b75cbbe817e0ef212d43a869f55003cc3a0b423d8c2536165d17c90b58ba
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d41de9899e332ab82a5baeea6b46edc20b2e863e01cce36421e9ec94ffd4988a
d69eb0c4b5d9482e6bab4d38289dc6c11a55fe378927d689d962d83821eca47f
d6fe90201b6bec01211a67dd63611aeff450b2c7b4a9e21298993d126424e5bd
d7591393ec621a60edd177905f4d609a62ddbfc892c3ecb884f83b9e310459fa
d834b89dac9f5a8f73dc34ead37d64bf2fc0ba88373057a070a584621d53ca23
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc911888903c69dd030449bbc5508b58c8414eb48fe71655450d70c64cead65d
de571ac792474f3378578eb5843c33f3bb9fdc6ad72948d563799712bba37505
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2c29a44024947c29e9765b77ad783ae88f5c8f89a99359b599dbbd2da90133c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e68b8aa98b8226bc9c0006ea5642ecf65bec07fa8e4269a85939919458049504
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
e78afb71e0b170c9c19e66ff7c7ffc752a2d3e8f3171c36085ff962015d841f1
ea82d11a7712dc319ba1e968ed436d52b4c75a1945365a8c3465d3353d614c40
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ecbafd9b31431c61b62f37bda43bdb7f03eb59f2881779748b1850acc13780fb
eea4366b5efe8c105639c72c6e3989b928aef241653b2a9e8d4bdfe4a0c25520
eeba52faae8a2c59e8ab19d238cb68f48246d19d6ce678515e31cd464b8a58b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effbe1a4a394c3eefa565d528b56fff738b44ed421e12b914e84ace819669a0b
f0be3894e2f1a4695c36dc31cef86a244bfad1d0df55b6fb54fb37d2648a4f8e
f0c989d73b411b2433c5d04aba8b0d8dc186ac741606cbf03e6f6b24c61dfcbe
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
fafac6d297b31774f3b7e688d4ded2d9eb95225bdb22109a6c1ffc5d8f216636
fc5e2f7a3f4a5598cdb4d16dd342dbcda53bfd8db1696b2ccf1da6243f228165
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fdd803105d28099a8def23fb31da1e36c0ece01f807c4a95464f3f9a9e6e9183

www.bleepingcomputer.com Open in urlscan Pro 104.20.59.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

306 Requests

99 %HTTPS

29 %IPv6

55 Domains

84 Subdomains

61 IPs

9 Countries

3615 kBTransfer

10891 kBSize

0 Cookies

20 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

99 %
HTTPS

29 %
IPv6

55
Domains

84
Subdomains

61
IPs

9
Countries

3615 kB
Transfer

10891 kB
Size

0
Cookies

306 HTTP transactions
12 data transactions