urlscan.io logo urlscan.io
SecurityTrails logo

www.express.co.uk Open in urlscan Pro
2600:9000:21f3:1200:e:515c:9940:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shr.gs/kWQbz0R
Effective URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Submission: On November 21 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 9 countries across 76 domains to perform 708 HTTP transactions. The main IP is 2600:9000:21f3:1200:e:515c:9940:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.express.co.uk.
TLS certificate: Issued by Amazon on August 23rd 2019. Valid for: a year.
This is the only time www.express.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.49.16.186 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
1 143.204.101.62 16509 (AMAZON-02)
63 2600:9000:21f... 16509 (AMAZON-02)
2 2606:2800:135... 15133 (EDGECAST)
1 148.64.56.194 200981 (GRAPESHOT...)
12 152.199.23.241 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
5 72.247.225.110 16625 (AKAMAI-AS)
2 209.197.3.63 20446 (HIGHWINDS3)
1 13.224.196.40 16509 (AMAZON-02)
1 142.93.164.216 14061 (DIGITALOC...)
1 72.247.225.159 16625 (AKAMAI-AS)
24 72.247.225.215 16625 (AKAMAI-AS)
1 2.16.186.19 20940 (AKAMAI-ASN1)
1 2.16.186.17 20940 (AKAMAI-ASN1)
1 216.58.207.34 15169 (GOOGLE)
1 1 2606:2800:234... 15133 (EDGECAST)
1 151.101.112.157 54113 (FASTLY)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (HIGHWINDS3)
1 4 72.247.225.98 16625 (AKAMAI-AS)
2 2600:9000:21f... 16509 (AMAZON-02)
3 7 104.124.133.20 16625 (AKAMAI-AS)
3 10 2a00:1450:400... 15169 (GOOGLE)
2 2.16.186.27 20940 (AKAMAI-ASN1)
14 2a00:1450:400... 15169 (GOOGLE)
7 88.99.5.37 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 2600:9000:20e... 16509 (AMAZON-02)
18 143.204.97.127 16509 (AMAZON-02)
21 35.244.232.184 15169 (GOOGLE)
7 72.247.226.107 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 172.217.22.34 15169 (GOOGLE)
9 2.16.186.32 20940 (AKAMAI-ASN1)
34 2.16.186.9 20940 (AKAMAI-ASN1)
1 1 185.94.180.128 35220 (SPOTX-AMS)
1 72.247.224.133 16625 (AKAMAI-AS)
1 2a04:4e42:3::714 54113 (FASTLY)
2 64.202.112.31 22075 (AS-OUTBRAIN)
1 104.244.42.5 13414 (TWITTER)
3 13.224.196.124 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
1 2600:9000:204... 16509 (AMAZON-02)
1 18 216.52.2.48 29791 (VOXEL-DOT...)
4 54.86.129.194 14618 (AMAZON-AES)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 3.218.200.53 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
7 2.16.186.16 20940 (AKAMAI-ASN1)
1 143.204.101.6 16509 (AMAZON-02)
8 72.247.226.64 16625 (AKAMAI-AS)
1 143.204.98.117 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 64.74.101.79 18908 (BRIGHTCOV...)
1 159.180.84.2 33047 (INSTART)
4 6 185.94.180.125 35220 (SPOTX-AMS)
1 13.225.78.9 16509 (AMAZON-02)
1 178.250.0.130 44788 (ASN-CRITE...)
6 7 63.32.23.112 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
4 151.101.14.2 54113 (FASTLY)
6 13 54.246.172.91 16509 (AMAZON-02)
18 13.224.192.221 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.224.196.146 16509 (AMAZON-02)
1 52.217.39.110 16509 (AMAZON-02)
14 199.166.0.26 7415 (ADSAFE-1)
1 34.250.25.159 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
11 34.243.121.135 16509 (AMAZON-02)
6 50.31.142.63 22075 (AS-OUTBRAIN)
2 185.94.180.123 35220 (SPOTX-AMS)
7 2600:9000:21f... 16509 (AMAZON-02)
1 151.101.14.27 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.224.137.133 14618 (AMAZON-AES)
2 2.16.186.35 20940 (AKAMAI-ASN1)
3 2.16.186.33 20940 (AKAMAI-ASN1)
14 199.166.0.32 7415 (ADSAFE-1)
1 151.101.114.2 54113 (FASTLY)
35 104.244.37.20 7415 (ADSAFE-1)
1 64.202.112.127 22075 (AS-OUTBRAIN)
1 54.72.189.67 16509 (AMAZON-02)
15 69.16.175.10 20446 (HIGHWINDS3)
4 2.18.232.7 16625 (AKAMAI-AS)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
7 72.247.225.182 16625 (AKAMAI-AS)
8 54.165.42.51 14618 (AMAZON-AES)
8 34.236.27.247 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 13.248.136.134 16509 (AMAZON-02)
2 69.16.175.42 20446 (HIGHWINDS3)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a05:f500:10:... 14413 (LINKEDIN)
1 72.247.225.32 16625 (AKAMAI-AS)
2 3 185.33.223.208 29990 (ASN-APPNEXUS)
2 62.149.0.72 15497 (COLOCALL ...)
6 9 35.158.60.52 16509 (AMAZON-02)
3 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
4 213.174.135.1 39572 (ADVANCEDH...)
8 23.227.137.155 55081 (24SHELLS)
25 34.95.120.147 15169 (GOOGLE)
4 52.58.133.90 16509 (AMAZON-02)
1 35.201.78.160 15169 (GOOGLE)
11 52.28.21.7 16509 (AMAZON-02)
3 107.178.247.57 15169 (GOOGLE)
5 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 18.214.198.125 14618 (AMAZON-AES)
16 3.224.13.75 14618 (AMAZON-AES)
4 3.215.59.224 14618 (AMAZON-AES)
4 18.195.99.26 16509 (AMAZON-02)
5 5 172.217.16.130 15169 (GOOGLE)
2 6 52.58.41.129 16509 (AMAZON-02)
4 2a00:1288:110... 34010 (YAHOO-IRD)
2 4 151.101.114.49 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.210.72.48 16509 (AMAZON-02)
2 2a00:1288:f03... 10310 (YAHOO-1)
4 18.197.135.109 16509 (AMAZON-02)
2 152.199.23.177 15133 (EDGECAST)
7 104.111.230.142 16625 (AKAMAI-AS)
708 130
1    52.49.16.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-16-186.eu-west-1.compute.amazonaws.com
shr.gs
2    2600:9000:21f3:1200:e:515c:9940:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
www.express.co.uk
1    143.204.101.62 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-62.fra50.r.cloudfront.net
scripts.webcontentassessor.com
63    2600:9000:21f3:fe00:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cdn.images.express.co.uk
2    2606:2800:135:155a:23ba:b2a:25ff:122d (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
consent.cmp.oath.com
service.cmp.oath.com
1    148.64.56.194 (United Kingdom)

ASN200981 (GRAPESHOT-UK-1, GB)
PTR: server194.hml.grapeshot.co.uk
trinitymirror.grapeshot.co.uk
12    152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com
3    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
5    72.247.225.110 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-110.deploy.static.akamaitechnologies.com
cdns.gigya.com
cdns.eu1.gigya.com
cdns2.gigya.com
cdns3.gigya.com
2    209.197.3.63 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x03f.map2.ssl.hwcdn.net
www.spot.im
1    13.224.196.40 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-40.fra2.r.cloudfront.net
native.sharethrough.com
1    142.93.164.216 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
cdn.onthe.io
1    72.247.225.159 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-159.deploy.static.akamaitechnologies.com
players.brightcove.net
24    72.247.225.215 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-215.deploy.static.akamaitechnologies.com
widgets.outbrain.com
libs.outbrain.com
1    2.16.186.19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com
recirculation.spot.im
1    2.16.186.17 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
launcher.spot.im
1    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
1    2600:9000:21f3:f400:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
get.s-onetag.com
2    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
cdn.watchingthat.net
4    72.247.225.98 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum.casalemedia.com
2    2600:9000:21f3:9800:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.chartbeat.com
7    104.124.133.20 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-124-133-20.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
10    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2.16.186.27 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-27.deploy.static.akamaitechnologies.com
app-cdn.spot.im
14    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
7    88.99.5.37 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-5-37.clients.your-server.de
tt.onthe.io
4    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a04:4e42:1b::729 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
vjs.zencdn.net
3    2600:9000:20eb:fa00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ovp.iris.tv
18    143.204.97.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-97-127.fra50.r.cloudfront.net
edge.api.brightcove.com
21    35.244.232.184 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com
7    72.247.226.107 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-226-107.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
2    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
imasdk.googleapis.com
2    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
14    172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
securepubads.g.doubleclick.net
9    2.16.186.32 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com
api-2-0.spot.im
static-cdn.spot.im
dynamic-cdn.spot.im
34    2.16.186.9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-9.deploy.static.akamaitechnologies.com
events-collector.spot.im
pix.spot.im
images.spot.im
1    185.94.180.128 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
js.spotx.tv
1    72.247.224.133 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-133.deploy.static.akamaitechnologies.com
aka.spotxcdn.com
1    2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
mab.chartbeat.com
2    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
3    13.224.196.124 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-124.fra2.r.cloudfront.net
cdn.my.northernandshell.co.uk
1    104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    2600:9000:2043:c400:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
beacon.s-onetag.com
18    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
ap.lijit.com
vap5ams1.lijit.com
4    54.86.129.194 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-86-129-194.compute-1.amazonaws.com
ping.chartbeat.net
3    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    3.218.200.53 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-218-200-53.compute-1.amazonaws.com
api.iris.tv
1    2a00:1450:4001:824::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s0.2mdn.net
7    2.16.186.16 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-16.deploy.static.akamaitechnologies.com
httpsak-a.akamaihd.net
pix.spot.im
1    143.204.101.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-6.fra50.r.cloudfront.net
p.cpx.to
8    72.247.226.64 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    143.204.98.117 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net
d2q1qtsl33ql2r.cloudfront.net
1    2600:9000:2156:d800:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.agkn.com
2    64.74.101.79 (United States)

ASN18908 (BRIGHTCOVE-AS - Brightcove, Inc., US)
PTR: secure.brightcove.com
secure.brightcove.com
1    159.180.84.2 (United States)

ASN33047 (INSTART - Instart Logic, Inc, US)
cdn.digitru.st
6    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
1    13.225.78.9 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-9.fra2.r.cloudfront.net
brightcove.northernandshell.co.uk
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    63.32.23.112 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-32-23-112.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    2600:9000:2156:3200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d.agkn.com
4    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
odb.outbrain.com
13    54.246.172.91 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
18    13.224.192.221 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-192-221.fra2.r.cloudfront.net
video.unrulymedia.com
5    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    13.224.196.146 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-146.fra2.r.cloudfront.net
cf-images.eu-west-1.prod.boltdns.net
1    52.217.39.110 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
14    199.166.0.26 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com
pixel.adsafeprotected.com
1    34.250.25.159 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-25-159.eu-west-1.compute.amazonaws.com
c2.u5c93.com
4    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
11    34.243.121.135 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
stats3.unrulymedia.com
6    50.31.142.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: chi.outbrain.com
mcdp-chidc2.outbrain.com
2    185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
search.spotxchange.com
7    2600:9000:21f3:2400:a:52eb:a100:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dfp-gateway.s-onetag.com
1    151.101.14.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
f1.media.brightcove.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
google.com
1    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    34.224.137.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-224-137-133.compute-1.amazonaws.com
api-gw.spot.im
2    2.16.186.35 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com
spotops.spot.im
3    2.16.186.33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-33.deploy.static.akamaitechnologies.com
publisher-assets.spot.im
14    199.166.0.32 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.static.adsafeprotected.com
static.adsafeprotected.com
1    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
mv.outbrain.com
35    104.244.37.20 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: daldt.adsafeprotected.com
dt.adsafeprotected.com
1    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com
videoclientsservicescalls.outbrain.com
1    54.72.189.67 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-189-67.eu-west-1.compute.amazonaws.com
targeting.unrulymedia.com
15    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: hwcdn.net
static.vidazoo.com
4    2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    2a02:26f0:10c:39b::2c92 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cmp.teads.mgr.consensu.org
7    72.247.225.182 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-182.deploy.static.akamaitechnologies.com
t.teads.tv
sync.teads.tv
8    54.165.42.51 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-42-51.compute-1.amazonaws.com
bis.vidazoo.com
8    34.236.27.247 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-27-247.compute-1.amazonaws.com
server.vidazoo.com
1    2600:9000:2156:a000:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
onetag-geo.s-onetag.com
1    2600:9000:21f3:ac00:7:8699:e840:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
onetag-geo-grouping.s-onetag.com
1    13.248.136.134 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ab1c511d4246f7da1.awsglobalaccelerator.com
metrics-collector.s-onetag.com
2    69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: tlb.hwcdn.net
inventory.vidazoo.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
1    72.247.225.32 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.33.223.208 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.adtelligent3-tmp.cc.colocall.com
sync.spotim.market
9    35.158.60.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-60-52.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    2600:9000:21f3:800:c:492d:cd80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
sdk.streamrail.com
1    2600:9000:21f3:1800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rumcdn.geoedge.be
4    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
player.adtelligent.com
8    23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS - 24 SHELLS, US)
hb.spotim.market
25    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
outbrain-d.openx.net
u.openx.net
4    52.58.133.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-133-90.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    35.201.78.160 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 160.78.201.35.bc.googleusercontent.com
api.vidiom.net
11    52.28.21.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
3    107.178.247.57 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 57.247.178.107.bc.googleusercontent.com
k.streamrail.com
5    2a02:26f0:10c:397::2c79 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
player.aniview.com
1    18.214.198.125 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-214-198-125.compute-1.amazonaws.com
track.aniview.com
16    3.224.13.75 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-224-13-75.compute-1.amazonaws.com
track1.aniview.com
4    3.215.59.224 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-215-59-224.compute-1.amazonaws.com
observe.aniview.com
4    18.195.99.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-99-26.eu-central-1.compute.amazonaws.com
fastlane-adv.rubiconproject.com
5    172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
6    52.58.41.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
sync-tm.everesttech.net
4    2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    52.210.72.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-72-48.eu-west-1.compute.amazonaws.com
acds.prod.vidible.tv
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
cdn-ssl.vidible.tv
cdn.vidible.tv
4    18.197.135.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-135-109.eu-central-1.compute.amazonaws.com
trk.vidible.tv
2    152.199.23.177 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
dtm.advertising.com
7    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Apex Domain
Subdomains		 Transfer
65 express.co.uk
www.express.co.uk
cdn.images.express.co.uk
590 KB
63 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
600 KB
62 spot.im
www.spot.im
recirculation.spot.im
launcher.spot.im
app-cdn.spot.im
api-2-0.spot.im
events-collector.spot.im
static-cdn.spot.im
pix.spot.im
api-gw.spot.im
spotops.spot.im
publisher-assets.spot.im
dynamic-cdn.spot.im
images.spot.im
2 MB
42 brightcove.com
edge.api.brightcove.com
metrics.brightcove.com
secure.brightcove.com
f1.media.brightcove.com
1 MB
36 outbrain.com
widgets.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com
libs.outbrain.com
mv.outbrain.com
videoclientsservicescalls.outbrain.com
177 KB
33 vidazoo.com
static.vidazoo.com
bis.vidazoo.com
server.vidazoo.com
inventory.vidazoo.com
1 MB
30 unrulymedia.com
video.unrulymedia.com
stats3.unrulymedia.com
targeting.unrulymedia.com
141 KB
26 aniview.com
player.aniview.com
track.aniview.com
track1.aniview.com
observe.aniview.com
419 KB
25 openx.net
outbrain-d.openx.net
u.openx.net
5 KB
23 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
192 KB
22 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
sync.adaptv.advertising.com Failed
dtm.advertising.com
8 KB
18 lijit.com
ap.lijit.com
vap5ams1.lijit.com
101 KB
15 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com Failed
eus.rubiconproject.com Failed
fastlane-adv.rubiconproject.com
4 KB
13 spotim.market
sync.spotim.market
player.spotim.market
hb.spotim.market
103 KB
13 crwdcntrl.net
bcp.crwdcntrl.net
10 KB
12 s-onetag.com
get.s-onetag.com
beacon.s-onetag.com
dfp-gateway.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
metrics-collector.s-onetag.com
32 KB
12 tiqcdn.com
tags.tiqcdn.com
28 KB
11 teads.tv
a.teads.tv
t.teads.tv
sync.teads.tv
187 KB
10 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
10 googletagservices.com
www.googletagservices.com
259 KB
10 google-analytics.com
www.google-analytics.com
20 KB
9 googlesyndication.com
tpc.googlesyndication.com Failed
pagead2.googlesyndication.com
97 KB
9 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
90 KB
9 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
214 KB
8 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
5 KB
8 moatads.com
z.moatads.com
px.moatads.com
100 KB
8 onthe.io
cdn.onthe.io
tt.onthe.io
22 KB
7 vidible.tv
acds.prod.vidible.tv
cdn-ssl.vidible.tv
trk.vidible.tv
cdn.vidible.tv
116 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 google.com
adservice.google.com
www.google.com
google.com
1 KB
7 scorecardresearch.com
sb.scorecardresearch.com
4 KB
6 streamrail.com
sdk.streamrail.com
k.streamrail.com
223 KB
5 google.de
adservice.google.de
www.google.de
748 B
5 gigya.com
cdns.gigya.com
cdns.eu1.gigya.com
cdns2.gigya.com
cdns3.gigya.com
153 KB
4 ampproject.org
cdn.ampproject.org
110 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 chartbeat.net
ping.chartbeat.net
672 B
4 northernandshell.co.uk
cdn.my.northernandshell.co.uk
brightcove.northernandshell.co.uk
499 KB
4 iris.tv
ovp.iris.tv
api.iris.tv
134 KB
4 gstatic.com
fonts.gstatic.com
37 KB
3 adnxs.com
ib.adnxs.com
acdn.adnxs.com Failed
3 KB
3 casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
1 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
23 KB
2 consensu.org
cmp.teads.mgr.consensu.org
2 agkn.com
js.agkn.com
d.agkn.com
3 KB
2 googletagmanager.com
www.googletagmanager.com
25 KB
2 twitter.com
platform.twitter.com
analytics.twitter.com
588 B
2 oath.com
consent.cmp.oath.com
service.cmp.oath.com
26 KB
1 vidiom.net
api.vidiom.net
2 KB
1 adtelligent.com
player.adtelligent.com
1 KB
1 geoedge.be
rumcdn.geoedge.be
4 KB
1 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com Failed
vid.pubmatic.com Failed
1 linkedin.com
www.linkedin.com
1 facebook.com
graph.facebook.com
689 B
1 u5c93.com
c2.u5c93.com
365 B
1 amazonaws.com
s3.amazonaws.com
9 KB
1 boltdns.net
cf-images.eu-west-1.prod.boltdns.net
4 KB
1 criteo.net
static.criteo.net
27 KB
1 digitru.st
cdn.digitru.st
11 KB
1 cloudfront.net
d2q1qtsl33ql2r.cloudfront.net
524 B
1 cpx.to
p.cpx.to
2 KB
1 akamaihd.net
httpsak-a.akamaihd.net
72 KB
1 2mdn.net
s0.2mdn.net
11 KB
1 t.co
t.co
170 B
1 spotxcdn.com
aka.spotxcdn.com
145 KB
1 spotx.tv
js.spotx.tv
589 B
1 zencdn.net
vjs.zencdn.net
7 KB
1 indexww.com
js-sec.indexww.com
40 KB
1 watchingthat.net
cdn.watchingthat.net
40 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 googleadservices.com
www.googleadservices.com
9 KB
1 brightcove.net
players.brightcove.net
262 KB
1 sharethrough.com
native.sharethrough.com
btlr.sharethrough.com Failed
115 KB
1 grapeshot.co.uk
trinitymirror.grapeshot.co.uk
552 B
1 webcontentassessor.com
scripts.webcontentassessor.com
28 KB
1 shr.gs
shr.gs
603 B
708 76
Domain Requested by
63 cdn.images.express.co.uk www.express.co.uk
scripts.webcontentassessor.com
cdn.images.express.co.uk
35 dt.adsafeprotected.com www.express.co.uk
27 images.spot.im cdn.images.express.co.uk
static-cdn.spot.im
scripts.webcontentassessor.com
23 widgets.outbrain.com www.express.co.uk
scripts.webcontentassessor.com
widgets.outbrain.com
libs.outbrain.com
21 metrics.brightcove.com www.express.co.uk
18 video.unrulymedia.com scripts.webcontentassessor.com
video.unrulymedia.com
ajax.googleapis.com
a.teads.tv
18 edge.api.brightcove.com players.brightcove.net
www.express.co.uk
16 track1.aniview.com
16 outbrain-d.openx.net static.vidazoo.com
player.aniview.com
15 static.vidazoo.com scripts.webcontentassessor.com
static.vidazoo.com
14 static.adsafeprotected.com pixel.adsafeprotected.com
www.express.co.uk
14 pixel.adsafeprotected.com www.express.co.uk
14 securepubads.g.doubleclick.net scripts.webcontentassessor.com
securepubads.g.doubleclick.net
shr.gs
rumcdn.geoedge.be
www.express.co.uk
13 bcp.crwdcntrl.net 6 redirects www.express.co.uk
scripts.webcontentassessor.com
12 pix.spot.im launcher.spot.im
www.express.co.uk
static-cdn.spot.im
12 tags.tiqcdn.com www.express.co.uk
scripts.webcontentassessor.com
11 ads.adaptv.advertising.com sdk.streamrail.com
player.aniview.com
cdn-ssl.vidible.tv
11 stats3.unrulymedia.com www.express.co.uk
10 vap5ams1.lijit.com ap.lijit.com
vap5ams1.lijit.com
scripts.webcontentassessor.com
10 www.googletagservices.com www.express.co.uk
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
rumcdn.geoedge.be
10 www.google-analytics.com 3 redirects www.express.co.uk
www.google-analytics.com
9 u.openx.net static.vidazoo.com
player.aniview.com
9 pixel.advertising.com 6 redirects
8 hb.spotim.market player.spotim.market
8 server.vidazoo.com static.vidazoo.com
www.express.co.uk
8 bis.vidazoo.com static.vidazoo.com
www.express.co.uk
8 ap.lijit.com 1 redirects get.s-onetag.com
scripts.webcontentassessor.com
player.spotim.market
7 eus.rubiconproject.com static.vidazoo.com
player.spotim.market
player.aniview.com
7 dfp-gateway.s-onetag.com get.s-onetag.com
7 match.adsrvr.org 6 redirects js-sec.indexww.com
7 tt.onthe.io cdn.onthe.io
7 sb.scorecardresearch.com 3 redirects www.express.co.uk
6 ups.analytics.yahoo.com 2 redirects
6 t.teads.tv www.express.co.uk
6 images.outbrainimg.com www.express.co.uk
6 mcdp-chidc2.outbrain.com widgets.outbrain.com
6 px.moatads.com www.express.co.uk
6 sync.search.spotxchange.com 4 redirects www.express.co.uk
5 cm.g.doubleclick.net 5 redirects
5 player.aniview.com scripts.webcontentassessor.com
player.aniview.com
5 static-cdn.spot.im scripts.webcontentassessor.com
5 tpc.googlesyndication.com scripts.webcontentassessor.com
rumcdn.geoedge.be
www.express.co.uk
cdn.ampproject.org
4 trk.vidible.tv www.express.co.uk
4 cdn.ampproject.org securepubads.g.doubleclick.net
4 sync-tm.everesttech.net 2 redirects player.aniview.com
4 pr-bh.ybp.yahoo.com player.aniview.com
4 fastlane-adv.rubiconproject.com player.aniview.com
4 observe.aniview.com player.aniview.com
4 prebid-server.rubiconproject.com static.vidazoo.com
4 a.teads.tv scripts.webcontentassessor.com
a.teads.tv
4 pagead2.googlesyndication.com www.express.co.uk
4 ajax.googleapis.com video.unrulymedia.com
4 odb.outbrain.com scripts.webcontentassessor.com
4 www.google.com 2 redirects www.express.co.uk
4 ping.chartbeat.net www.express.co.uk
4 fonts.gstatic.com www.express.co.uk
players.brightcove.net
3 k.streamrail.com
3 player.spotim.market shr.gs
rumcdn.geoedge.be
player.spotim.market
3 sdk.streamrail.com static-cdn.spot.im
sdk.streamrail.com
3 ib.adnxs.com 2 redirects player.spotim.market
3 publisher-assets.spot.im www.express.co.uk
3 www.google.de www.express.co.uk
3 stats.g.doubleclick.net 2 redirects www.express.co.uk
3 cdn.my.northernandshell.co.uk cdn.images.express.co.uk
cdn.my.northernandshell.co.uk
3 api-2-0.spot.im launcher.spot.im
www.express.co.uk
static-cdn.spot.im
3 ovp.iris.tv scripts.webcontentassessor.com
3 fonts.googleapis.com www.express.co.uk
2 dtm.advertising.com cdn-ssl.vidible.tv
dtm.advertising.com
2 sync.spotim.market
2 ssum.casalemedia.com 1 redirects scripts.webcontentassessor.com
2 inventory.vidazoo.com www.express.co.uk
2 cmp.teads.mgr.consensu.org scripts.webcontentassessor.com
2 spotops.spot.im static-cdn.spot.im
2 api-gw.spot.im static-cdn.spot.im
2 search.spotxchange.com aka.spotxcdn.com
www.express.co.uk
sdk.streamrail.com
player.aniview.com
2 secure.brightcove.com players.brightcove.net
2 z.moatads.com tags.tiqcdn.com
cdn-ssl.vidible.tv
2 log.outbrainimg.com widgets.outbrain.com
2 adservice.google.com scripts.webcontentassessor.com
rumcdn.geoedge.be
2 adservice.google.de scripts.webcontentassessor.com
rumcdn.geoedge.be
2 imasdk.googleapis.com players.brightcove.net
scripts.webcontentassessor.com
2 app-cdn.spot.im scripts.webcontentassessor.com
2 static.chartbeat.com scripts.webcontentassessor.com
tags.tiqcdn.com
2 www.googletagmanager.com www.express.co.uk
www.googletagmanager.com
2 www.spot.im www.express.co.uk
app-cdn.spot.im
2 cdns.gigya.com www.express.co.uk
cdns.gigya.com
2 www.express.co.uk shr.gs
cdn.images.express.co.uk
1 cdn.vidible.tv cdn-ssl.vidible.tv
1 cdn-ssl.vidible.tv acds.prod.vidible.tv
1 acds.prod.vidible.tv sdk.streamrail.com
1 track.aniview.com
1 api.vidiom.net sdk.streamrail.com
1 player.adtelligent.com player.spotim.market
1 rumcdn.geoedge.be static-cdn.spot.im
1 dynamic-cdn.spot.im scripts.webcontentassessor.com
1 ads.pubmatic.com scripts.webcontentassessor.com
player.spotim.market
1 www.linkedin.com scripts.webcontentassessor.com
1 graph.facebook.com scripts.webcontentassessor.com
1 metrics-collector.s-onetag.com beacon.s-onetag.com
1 onetag-geo-grouping.s-onetag.com beacon.s-onetag.com
1 onetag-geo.s-onetag.com beacon.s-onetag.com
1 sync.teads.tv scripts.webcontentassessor.com
1 targeting.unrulymedia.com video.unrulymedia.com
1 videoclientsservicescalls.outbrain.com libs.outbrain.com
1 mv.outbrain.com scripts.webcontentassessor.com
1 libs.outbrain.com scripts.webcontentassessor.com
1 google.com 1 redirects
1 f1.media.brightcove.com players.brightcove.net
1 c2.u5c93.com players.brightcove.net
1 s3.amazonaws.com www.express.co.uk
1 cf-images.eu-west-1.prod.boltdns.net ovp.iris.tv
1 d.agkn.com js.agkn.com
1 static.criteo.net js-sec.indexww.com
1 brightcove.northernandshell.co.uk players.brightcove.net
1 cdn.digitru.st aka.spotxcdn.com
1 cdns3.gigya.com cdns.gigya.com
1 service.cmp.oath.com cdn.images.express.co.uk
1 cdns2.gigya.com www.express.co.uk
1 js.agkn.com scripts.webcontentassessor.com
1 d2q1qtsl33ql2r.cloudfront.net www.express.co.uk
1 p.cpx.to tags.tiqcdn.com
1 httpsak-a.akamaihd.net www.express.co.uk
1 s0.2mdn.net imasdk.googleapis.com
1 api.iris.tv scripts.webcontentassessor.com
1 beacon.s-onetag.com scripts.webcontentassessor.com
1 analytics.twitter.com scripts.webcontentassessor.com
1 cdns.eu1.gigya.com scripts.webcontentassessor.com
1 t.co www.express.co.uk
1 googleads.g.doubleclick.net scripts.webcontentassessor.com
1 mab.chartbeat.com static.chartbeat.com
1 aka.spotxcdn.com www.express.co.uk
1 js.spotx.tv 1 redirects
1 as-sec.casalemedia.com cdn.watchingthat.net
player.spotim.market
1 events-collector.spot.im launcher.spot.im
1 tcheck.outbrainimg.com widgets.outbrain.com
1 vjs.zencdn.net scripts.webcontentassessor.com
1 js-sec.indexww.com scripts.webcontentassessor.com
1 cdn.watchingthat.net tags.tiqcdn.com
1 get.s-onetag.com www.express.co.uk
1 static.ads-twitter.com www.express.co.uk
1 platform.twitter.com 1 redirects
1 www.googleadservices.com www.express.co.uk
1 launcher.spot.im www.express.co.uk
1 recirculation.spot.im www.express.co.uk
1 players.brightcove.net www.express.co.uk
1 cdn.onthe.io www.express.co.uk
1 native.sharethrough.com www.express.co.uk
1 trinitymirror.grapeshot.co.uk www.express.co.uk
1 consent.cmp.oath.com www.express.co.uk
1 scripts.webcontentassessor.com www.express.co.uk
1 shr.gs
0 acdn.adnxs.com Failed player.spotim.market
0 sync.adaptv.advertising.com Failed
0 vid.pubmatic.com Failed sdk.streamrail.com
0 fastlane.rubiconproject.com Failed player.spotim.market
0 btlr.sharethrough.com Failed player.spotim.market
0 hbopenbid.pubmatic.com Failed player.spotim.market
708 157
Subject Issuer Validity Valid
express.co.uk
Amazon		 2019-08-23 -
2020-09-23		 a year crt.sh
*.webcontentassessor.com
Amazon		 2019-05-13 -
2020-06-13		 a year crt.sh
cdn.images.express.co.uk
Amazon		 2019-08-28 -
2020-09-28		 a year crt.sh
service.cmp.oath.com
DigiCert SHA2 Secure Server CA		 2018-03-22 -
2020-03-26		 2 years crt.sh
*.grapeshot.co.uk
DigiCert SHA2 Secure Server CA		 2019-03-05 -
2021-03-04		 2 years crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
cdns.gigya.com
DigiCert SHA2 Secure Server CA		 2018-11-06 -
2020-02-05		 a year crt.sh
*.spot.im
COMODO RSA Domain Validation Secure Server CA		 2017-02-08 -
2020-02-17		 3 years crt.sh
*.sharethrough.com
Amazon		 2019-10-07 -
2020-11-07		 a year crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2019-03-04 -
2020-05-02		 a year crt.sh
players.brightcove.net
DigiCert SHA2 Secure Server CA		 2019-06-11 -
2020-09-09		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2018-12-14 -
2020-03-14		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.s-onetag.com
Amazon		 2019-06-25 -
2020-07-25		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.watchingthat.net
AlphaSSL CA - SHA256 - G2		 2019-08-28 -
2020-10-21		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2		 2019-04-10 -
2020-04-10		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-15 -
2020-01-23		 2 months crt.sh
iris.tv
Amazon		 2019-11-08 -
2020-12-08		 a year crt.sh
*.api.brightcove.com
Amazon		 2019-10-21 -
2020-11-21		 a year crt.sh
metrics.brightcove.com
Let's Encrypt Authority X3		 2019-10-01 -
2019-12-30		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2019-02-24 -
2020-05-25		 a year crt.sh
cdn.spotxcdn.com
GeoTrust RSA CA 2018		 2019-04-24 -
2020-05-23		 a year crt.sh
f6.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-20 -
2020-08-07		 9 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.my.northernandshell.co.uk
Amazon		 2019-08-09 -
2020-09-09		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2018-12-20 -
2020-01-01		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2019-08-13 -
2020-08-12		 a year crt.sh
p.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2018-06-21 -
2020-09-16		 2 years crt.sh
*.brightcove.com
COMODO RSA Domain Validation Secure Server CA		 2018-04-03 -
2020-05-20		 2 years crt.sh
cdn.digitru.st
Sectigo RSA Organization Validation Secure Server CA		 2019-05-09 -
2021-05-08		 2 years crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
brightcove.northernandshell.co.uk
Amazon		 2019-04-04 -
2020-05-04		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2017-08-30 -
2020-11-27		 3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.prod.boltdns.net
Amazon		 2019-01-02 -
2020-02-02		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-09-06 -
2020-12-02		 a year crt.sh
*.adsafeprotected.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-20 -
2020-09-17		 2 years crt.sh
*.p2r14.com
Amazon		 2019-04-01 -
2020-05-01		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
brightcove.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-09-10 -
2020-02-26		 6 months crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-20 -
2021-04-03		 2 years crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-10-30 -
2020-01-28		 3 months crt.sh
teads.mgr.consensu.org
Let's Encrypt Authority X3		 2019-09-23 -
2019-12-22		 3 months crt.sh
bi-test.vidazoo.com
Let's Encrypt Authority X3		 2019-11-18 -
2020-02-16		 3 months crt.sh
adserver.vidazoo.com
Let's Encrypt Authority X3		 2019-10-29 -
2020-01-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2018-05-30 -
2020-09-01		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2018-12-13 -
2020-03-13		 a year crt.sh
sync.spotim.market
Let's Encrypt Authority X3		 2019-10-14 -
2020-01-12		 3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.streamrail.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-21 -
2020-08-20		 2 years crt.sh
rumcdn.geoedge.be
Amazon		 2019-10-30 -
2020-11-30		 a year crt.sh
player.spotim.market
Let's Encrypt Authority X3		 2019-11-13 -
2020-02-11		 3 months crt.sh
hb.spotim.market
Let's Encrypt Authority X3		 2019-10-20 -
2020-01-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adtelligent.com
COMODO RSA Domain Validation Secure Server CA		 2017-11-10 -
2020-11-09		 3 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.vidiom.net
Sectigo RSA Domain Validation Secure Server CA		 2019-07-24 -
2021-08-22		 2 years crt.sh
*.adaptv.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-09-20 -
2020-09-18		 3 years crt.sh
*.aniview.com
DigiCert ECC Secure Server CA		 2018-12-16 -
2020-03-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-10-30 -
2020-04-27		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-08-07 -
2020-02-03		 6 months crt.sh
g2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-21 -
2020-11-12		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2018-01-24 -
2021-01-28		 3 years crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2019-09-02 -
2020-02-29		 6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2018-02-21 -
2021-02-25		 3 years crt.sh
dtm.advertising.com
DigiCert SHA2 Secure Server CA		 2019-11-14 -
2021-04-01		 a year crt.sh

This page contains 100 frames:

Primary Page: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Frame ID: C9D67EEC0459B5D61F77F65A1D4F6FA8
Requests: 426 HTTP requests in this frame

Frame: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Frame ID: CFAFE66998932C2ED2EB304E25930952
Requests: 6 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_BBXBRC0QUUloJ0Hujw4HOY17aLrL0Uy8FDx59O4-PrYbWWtrnCBKphB69PH9tXSb&version=latest
Frame ID: E5F75BDC4671738BDC502E7284DEE653
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?z=598981&width=320&height=50&iv=sf
Frame ID: F0C7DC95BD76D45F9990B2CD411FA6BB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: D3B9776DB98D943047466FA7CB0C305B
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=783945411&gdpr=&gdpr_consent=&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&bpid=northernshelluk&c=%7B%22bpid%22%3A%22northernshelluk%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fshr.gs%2FkWQbz0R%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: DE7186A4CE8D2514BB567D7D940E2005
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiJcuiwsGjvCXZdXvbS1okHFE_2rJThykrNekCzC3-eKlvtH9bLsabar5QTB0vBY-vh8PRk49IySEgPZSoNjTHSmPz6HGMxH4qrV8j4GarapYwJkk4lwkH1QdZa906tPczqgg15HPX6TNqbGgNxGb3j5M5hVJV5L4v4-lHZsejkNcR-NkPWiXpYTqrbEOwKQIwDADcDUzK1PTUoxquScluTD6w4fkmMnaPko1qCqXg-SWrQuJ1YToTm81bg8kPTxKomUwdIwz2qWFdI2qJC7X6xWJq5t_fSKAU7w&sai=AMfl-YRAk9sKr6kQ4YCMdm45CvtXAeuHUpv63bX4s17zBngJmH85MZ8N-dIbsEew0eewJnaRjc18s_F8vY0iZqJ7mrHNyoC6T2l-Ql_wgXOLxg&sig=Cg0ArKJSzNNrECp9aO9fEAE&urlfix=1&adurl=
Frame ID: C6A7FE6187AEA3870D2FC575B7B7618F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYDInWppDogVSPEwydBpHvbPNEkhmeN9QYOYmcCVlKEWA3Sw3gZzOTeXYHuJpzH_lFnaohoOEYxBMdjgDQVIxRvY-SjLRUwKEhpu1BNC9wm7RLiGSYHY5N0jd_BgIuIZkNv-6PhWCSjjT5a8qgyFvzNVRWQMfmegvi_bshpCV-6lRHp-vGsxeAT21L_PdlGFjrUYZzmzRnn44DHdctYovSQnw5rU9JUxbpT6sLyhM-edBhNaNeRP4Y_UuJac1tzxmIbPr1mVno-M_uuMz64dd_BXRUTnRF-oK3cA&sai=AMfl-YTaJOx985I9m9Y5_0dKR_ku3vxUCbZjYlNg6bc2ziB2Wa7vYjBxMs21xdkHB0J7Nrq-VL5abx_8Mrq97qwjqFIpSWf1j2NlrbpjtoTBQQ&sig=Cg0ArKJSzJ8d2zG3UCCoEAE&urlfix=1&adurl=
Frame ID: DEE6C5212CE7045B233B2477CE28FF83
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKSYYzPXMI2Yj9Z3TbAbfEk13Bd1q8cnQyTfg_c4NlahxxnpLblldHVPD38NV2rh6xTuXEAIjnsKp3zel6YjOoLQIUlHzCcbBkkL0j5abeRDiwu9Ri69ACSCWm1S7YDSK57EoTsEKEEwnUZ2XhNptPVYKq7PTx6n9HJQ3YbR_1iXMapSwaiKHci_YwfCeQTbAHvgWIYquiLDg8fnAdn8cMQ1NMuolXf8wbxE1410h7AvCUqK5PZ-Fl07PRXDAM-OToXlumLNkTju4-rISmTcB-kjJr6-FGhCk4zg&sai=AMfl-YTaq5Y86NWICgxXCcXscZ2rm9HweIUJDqMykzp81W4npgdgz14Au0SoqUAhK6rV9E-qRvYalgYaWLDLKUBfjkL6c-x7wArzI1-UOtOyBQ&sig=Cg0ArKJSzH2M74QcLL6AEAE&urlfix=1&adurl=
Frame ID: B56FE331B3732C1858BE32703279406D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMLgIbdS6N58RdUM0_NYH7_Q7JCry7omvowTTAPxUDGRGeuTtyUsZdke3UN0sJlCjfJ4VZ8taSC5b3lOIi_RvDMTARV7UxTjK6qznXYx0o_x6ZxLxHAMEnmLh6m7GB2Vo2Ku7inzrfRjfub9s7swv0J0eMSlyUl69Rbw4GIyZGM6yJgP5WPIPiH6wBOJFuZU05IS87vsdEfYmY-0tiuG3G3R1dZcB0uLP2_ST0sPy2Hpob-RyUGoJ0NNySlcg6I29uhWwWeCGbzukiEjDNgA5hWjvbcmRmdcSapA&sai=AMfl-YSDNcaMkO2jgPrWmpe8vMw95NvnuCErcyH0Wbj1HuJvbna92MHqx9sOkgsuNeLSG0IDXIpwlRqcM5PL6HH2msZoix7A35JKXnDdfQHh5A&sig=Cg0ArKJSzFvzKP_MiufGEAE&urlfix=1&adurl=
Frame ID: 670F4E9D8285E096F39421BEF11D26F2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn45UajDzG7sGPQuKoeHNcLXwqSTBZMFxLen3i950tbFtS8bVkcMRS9l8xQpyPAz-3hnLqAWLeUd7HmDv7dxltUdpeA5wIHyDWeAh2g3i7GacajG3itgtcA1JbKYNFz7vVvwRGfBXul_4G-1WR3ivQ0WTEETMHQuCExJ4YmuNmsbdW_cjMvS6iMCqWRsmJRb-sKkWYXkC6wGSQUbrRpeosZY3P3kWXInsrxKGJ7Ys1how2AeNhrIuK2JgbAjCD3WH0K5zHe-xBtopSV7MAqz-77c9FvBVAgygC&sai=AMfl-YQv3SNZ_VX9BKMRy2apj46Nl7qr9b0IBF4thKRxgWXPU7J7u6r7VG8NOUAOm70EpF08-nZPjTs083ogDeYlPtuvJt7_MWdDDU1MBvJxCg&sig=Cg0ArKJSzB1rMfQOnJRrEAE&urlfix=1&adurl=
Frame ID: 4D94E43B674FB70FF06F17DD33AE91BE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT147Z9zZkvzt2_zSRZ_ODsypauqxdFLdEAZe4oUp0Tep2wNNbKaXiviT2ef8ft4hdlCpHAV0igzAQUCTmfaDbyN0bIM65xl9NnqOhjYw0Z91l3WlIUDg9-6LuGfGDqFK-r4Rq7feZDvegApDKdcRiIFdnM5cxb5kpGSEjfkB2G5iK90HIg_g4g9dVuPMK0KgxZZx-YLicVXBhTWZMwHFrWn43v3j_cNXRNDi-V9i_xednr6TTH0zAPClgqC_BfQdTD-cIkE2ctqBwwYXEMMFom2dhH8u9&sai=AMfl-YTQXiLbXsIw4CWsNzQiDNNHxdH99gL97tULFlxc5WN2atXmT7hakIV9fLzwSJU-xbPsuhuUWajMHWeyNzPRCT2LlLxaDEEn5Szy6nS3Tw&sig=Cg0ArKJSzMfW0d-pgqSNEAE&adurl=
Frame ID: 6BBB66049F3E03886FAF083ADEDEC94B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn129iC1f27Z5d90yNyj5MgLFQvU1DprbISmH-GaE8RY0ElIr1IIEymTI0KWV3l5omE3Viz_c9XKGMuZd3BAB6ZaJDmFvkA9TNRfpzqiRUAmxAP4EIKh2jIF8kgY2as0shmJOSoJYLZYZCwuLjdXms14kLUmNW_3WU2StTQuT7p0uWbTNotPUV2ClN1eUdEp8pXRve9TCXhGkolH6mv4qg-AzORcjkx9JfZ_kmFDyfZpAZA_NfqMMv1bzgpXkJYT_3&sai=AMfl-YS5-lQF71YRkMYMRwNuAZ-cbNQz_7dCYrvl_Iwq9zp8fwTy6JXAe4iyez936VxbHig_gUCRDNXupFWOSrOjq98QU6Q0fhiHV5lg6kLYIw&sig=Cg0ArKJSzMcxTrYlODpZEAE&urlfix=1&adurl=
Frame ID: 848827BBFE93DCA6796201577ABC17D6
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=36174863&chanId=53774423&placementId=128001743&pubCreative=67911598703&pubOrder=282217463&cb=656476056&custom=right1&adsafe_par&impId=
Frame ID: 173D9186061A398668B9B8EF79B5575A
Requests: 2 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Frame ID: E360F62A714B5D0C5C7825D510BF6224
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=1x1&pubId=113799503&chanId=53774423&placementId=218007983&pubCreative=94254180023&pubOrder=471976343&cb=1012571553&custom=middle&adsafe_par&impId=
Frame ID: 2F9AEA3D73BB49FC346C7C75E2366F82
Requests: 2 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Frame ID: B92DBF01B604BE5DD62FC31F4A1041F5
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=8x8&pubId=113799503&chanId=33739823&placementId=5225067755&pubCreative=138294843343&pubOrder=471976343&cb=1769595359&custom=&adsafe_par&impId=
Frame ID: F0C4638FF665ED401B5733BD429A721B
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: FE3E6AC6847CF99AFCECA84C67261FF5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=970x250&pubId=4635466512&chanId=53774423&placementId=4870761093&pubCreative=138251962774&pubOrder=2435030858&cb=1177432811&custom=top&adsafe_par&impId=
Frame ID: F5E61D11248B763ED83164907F44C651
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x600&pubId=4635466512&chanId=53774423&placementId=4870733667&pubCreative=138251963101&pubOrder=2435030858&cb=51464178&custom=right&adsafe_par&impId=
Frame ID: 8C2DB5BA9F7F7C6FBAEBD28DC8245B9C
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4871301086&pubCreative=138251964595&pubOrder=2435030858&cb=1670030358&custom=right2&adsafe_par&impId=
Frame ID: 42793F326621A882657FF78F12EDC9B7
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4870730049&pubCreative=138251763494&pubOrder=2435030858&cb=588977422&custom=right3&adsafe_par&impId=
Frame ID: 91828F6AE83166D88785DB220F1A223E
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2429CD754FE6DA5690EC3B49FD7FB116
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8599BD256EAA47A5999426447081FE4E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 049699FF8855BBC409AAC1FB7F40FAD7
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D75BD3FD74515E2F43B66861C99B414E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: EC9DABA8626D8AA4FA1E85AABF934FFA
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D207443B8CFFB136E7D531A73FC3D88D
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: CAABCE86D89CB4A9B2048C97671513C9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B7B5CDF632BE2C5F39F7F2F3993FF9C8
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F45289876D2F43B4A4E4B278882D8645
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D79D9B92349C30444E0E8CFB57E427B9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: EF1E32CABBF3ED0093A5A30530CCD945
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 4A1CEDCE67A8F3C4582A60EF87F02156
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: D471F7076E8EB7B43C2915DBDDD0B056
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 658C191852B7DC4CFD528E8BFE665B9B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 5B7A018288C7BA348A0AD723021C3204
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 9A6720018297A42111362EEB76878609
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: C1771EAE6B14A9FE39C3523391C45676
Requests: 1 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1536-0-ge1c0788&siteId=1007979
Frame ID: DD0EB4A0AFF6C9EB17B13C25C5297225
Requests: 1 HTTP requests in this frame

Frame: https://cmp.teads.mgr.consensu.org/index.html
Frame ID: 4CADB4D31F5F0066B464B8D742A8F2BF
Requests: 1 HTTP requests in this frame

Frame: https://cmp.teads.mgr.consensu.org/index.html
Frame ID: D63C50E55BD969612D88AF80C34B4024
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=64870&userId=c1fd6d81-04b0-4d0a-b6ec-13b0135fce33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&fromFormat=true&env=js-web&1574352765516
Frame ID: 2385B031D93DC2DCC4BF214861EF3D5B
Requests: 1 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Frame ID: E62117A80B9D7B80BCEE3A70AC51E26B
Requests: 5 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Frame ID: A93B49CE3EDEFEBE62F301EF3166D6DB
Requests: 5 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 62FEF4E7CD6BA280C485236A3B5AB26E
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 8653DF475FA9742A426AFB750159E12F
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: ABB88F48D54F5FB17F704C6BE84AD6B6
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: BF48639B1882CDB8F44199936087C784
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 50893D123E2EF7DEED6BD1C4F85AFE72
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 9E4DA008E745612F526D796D15090059
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: EF20FE2A23E0195C92FAC413E76C2EA5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7E968B6C6456D3704A96ACE6384586E0
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7B2B1E77899375E45AC283F4CC56B0F6
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B38F8BDAA71DEB558055AA2CA6B1622C
Requests: 1 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: EFADB07E5E4D43980A1163E2FEB98436
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 15CDF799DCBD345D3C295256340FEF53
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 416107EB5F1C412FF44D477295EC9B81
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: D50FFA4F1753680D7EA888CECB3FF4DD
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: DFC1204FD79A99E2F9624289064F815E
Requests: 2 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/prebid/prebid.js
Frame ID: 04E134FBA67535FC2F4EAE54B4C2DE8F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 22AE765BE58220FCB6B0404FE73C6850
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Frame ID: E20D3C36954E8F29389A6D31BB5AF0C2
Requests: 1 HTTP requests in this frame

Frame: https://dynamic-cdn.spot.im/yad/index.v2.html
Frame ID: 0B7058CEF84A537AF448DF26BC6F42B9
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/grumi-ip.js
Frame ID: BC6A2B6E533FDD6FB921BC7D410E27D2
Requests: 29 HTTP requests in this frame

Frame: https://sdk.streamrail.com/blade/sr.bladex.js
Frame ID: DB7D0816456CF9BAA570017975FFA5D3
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2DDBB6412107131DBE94EC7ADE62B486
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6DD161C4068672D7135E13FC9D8BE389
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2A8B35DC445436C55FCD369A1F3A46E8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 36A5419338EA29F8BDFC5D7A06F889A6
Requests: 1 HTTP requests in this frame

Frame: https://sdk.streamrail.com/mrail/200/cs.html?tc=5cb74c624b194a0001f77d99&org=587dfc37febaab0002000001&sid=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&ip=89.38.96.190&domain=express.co.uk&pv=1252&sv=
Frame ID: F01A6492671C187EC7BA710986320906
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E1800DBE536738B66C5685542C60BB35
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 42EEFC906DC08AEA8B4CB18BADF58648
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C5409476024C0B61BB7E171A52102E62
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: DFCBD62A149AEE4D9709082E5EBC8BB6
Requests: 15 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F32ABEF0471526F1BA67EF16FF09FB46
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F59CBC1CDD99EDA482224DA85C0764B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: D9BBC0132B4EFA3E15CFE9D5C12CB604
Requests: 6 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250361&orgId=21364&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&vrid=58d8697c-b540-4558-8b7f-53624712ceac&pblob=
Frame ID: 709F6C6A99A8DEF3845280B6C6220A8D
Requests: 10 HTTP requests in this frame

Frame: https://cdn.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 8E6A74D4A32D3268F82D421207D5D7EF
Requests: 1 HTTP requests in this frame

Frame: https://dtm.advertising.com/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
Frame ID: 3F79EA53F6ADC4240A27570DB0FC3546
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BAA8B0B99C1312526A872AAFD7406564
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F625EB107F989DA5DDBDDDA9C4DD9F25
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1C90B18A30FC6C56E9BD745187681040
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 6B8083D66731FE0A05D9D45AB701733E
Requests: 15 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F36C91D060D97D637C1F35A8E8169230
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 71289B4FBDC91D92D39F27F5A9F39A30
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=&dnr=1
Frame ID: 3271144B40997CC08C9458483EA7A380
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 87B24657F1E748668DD3C277940F7426
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1C9A1BFA39838325FDC4C2819CF63B62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 53F14EECCDD413C79E137858B5219428
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0D2AD59AB58D79C2751A1904E50672C4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4CA83A9DBF0C778B38451936679B4876
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7795FDEF4F70E2CCB77DB5A4FC75B3D5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CF726026A955591557A4CFB20E5B2C0B
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 7152D3719E5D843A6E32C85F3534ADD6
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7CB7599767D72DFC3580950FEE889171
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 219875722CAA1A6A283279EB133157D6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5F63322EA1943BD28F0EBF9102B770CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://shr.gs/kWQbz0R Page URL
  2. https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Do... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

708
Requests

94 %
HTTPS

31 %
IPv6

76
Domains

157
Subdomains

130
IPs

9
Countries

10536 kB
Transfer

23843 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shr.gs/kWQbz0R Page URL
  2. https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 98
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&c7=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&c9=http%3A%2F%2Fshr.gs%2FkWQbz0R HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&c7=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&c9=http%3A%2F%2Fshr.gs%2FkWQbz0R
Request Chain 100
  • https://js.spotx.tv/directsdk/v1/216448.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Request Chain 137
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&dr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ul=en-us&de=UTF-8&dt=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEAjB~&jid=175965675&gjid=21884206&cid=155027759.1574352758&tid=UA-545303-1&_gid=2104700690.1574352758&_r=1&cd9=0&cd2=Tech&cd12=Today&cd13=Aaron%20Brown&cd14=700-800&z=68139352 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_gid=2104700690.1574352758&gjid=21884206&_v=j79&z=68139352 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352&slf_rd=1&random=91290240
Request Chain 138
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&dr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ul=en-us&de=UTF-8&dt=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEAjB~&jid=1189842080&gjid=2023753298&cid=93605309.1574352759&tid=UA-123584808-1&_gid=326258054.1574352759&_r=1&cd9=express&cd2=93605309.1574352759&cd12=1207000&cd13=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!&cd14=2019-11-21&gtm=2wgav9NX7XL77&cd4=responsive&cd7=express&cd8=nationals&cd10=article&cd15=Aaron%20Brown&cd16=windows%2010%20update&cd28=windows%2010%20update%7Cwindows%2010%20upgrade%7Cwindows%2010%20new%20features%7Cwindows%2010%20ransomware%7Cwindows%2010%20upgrade&cd29=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&cd32=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F78.0.3904.97%20Safari%2F537.36&cd33=06%3A01%3A00&z=1191150580 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123584808-1&cid=93605309.1574352759&jid=1189842080&_gid=326258054.1574352759&gjid=2023753298&_v=j79&z=1191150580
Request Chain 176
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=bd0ba690-0c79-11ea-b3a2-1929eb630406
Request Chain 193
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
Request Chain 198
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
Request Chain 202
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
Request Chain 206
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
Request Chain 210
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
Request Chain 218
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
Request Chain 299
  • https://google.com/adsense/ad HTTP 302
  • https://www.google.com/adsense/ad?hl=en_US
Request Chain 421
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=78453135&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=78453135&cs_ucfr=1
Request Chain 424
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=36088046&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=36088046&cs_ucfr=1
Request Chain 512
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=event&_s=7&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&dr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ul=en-us&de=UTF-8&dt=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=Article%20Length&el=2844&_u=aGBACEAjB~&jid=2029692550&gjid=891373905&cid=155027759.1574352758&tid=UA-545303-1&_gid=2104700690.1574352758&_r=1&cd9=0&cd2=Tech&cd12=Today&cd13=Aaron%20Brown&cd14=700-800&z=1728406355 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_gid=2104700690.1574352758&gjid=891373905&_v=j79&z=1728406355 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355&slf_rd=1&random=1537033697
Request Chain 516
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Request Chain 518
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2277675776462304903
Request Chain 519
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=ca6104f2-0c79-11ea-a743-180e33a52006
Request Chain 521
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=ca613413-0c79-11ea-84c8-1a27ea401506 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=ca6133b7-0c79-11ea-84c8-1a27ea401506
Request Chain 634
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e&verify=true
Request Chain 636
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAKY4QTvh
Request Chain 637
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
Request Chain 638
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a&verify=true
Request Chain 640
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAHicnn6l HTTP 302
  • https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=Xda3kgAAAHicnn6l&_test=Xda3kgAAAHicnn6l HTTP 302
  • https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=Xda3kgAAAHicnn6l&_test=Xda3kgAAAHicnn6l
Request Chain 641
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
Request Chain 688
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAEhpzgxi
Request Chain 689
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
Request Chain 690
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
Request Chain 693
  • https://ap.lijit.com/beacon?informer=13399841&gdpr_consent= HTTP 302
  • https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=&dnr=1
Request Chain 720
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESECYznXnNGeCq_Nc0IM0QLtE&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESECYznXnNGeCq_Nc0IM0QLtE&google_cver=1&verify=true
Request Chain 721
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=6cc449b9-7d77-4303-8d22-74289895e2cf&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=6cc449b9-7d77-4303-8d22-74289895e2cf

708 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kWQbz0R
shr.gs/ 		326 B
603 B 		Document
General
Check archive.org
Download Go to
Full URL
http://shr.gs/kWQbz0R
Protocol
HTTP/1.1
Server
52.49.16.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-16-186.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6206969259a92a3949d51603f3b68ffe1430534309ee658d0598edc9461ebd8a

Request headers

Host
shr.gs
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:37 GMT
Content-Length
195
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
X-Version
1
X-LegacyProxy
true
X-CallID
5cd8531886b14d8d9fb6e25c2a9f1938
X-Server
eu1a-web501
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Gigya-HA-cfg-ver
5
X-Robots-Tag
none
Primary Request Windows-10-Update-Ransomware-Do-Not-Download
www.express.co.uk/life-style/science-technology/1207000/ 		126 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:1200:e:515c:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
000c9b5f6b151793eb9cdea83f3e6b1b98529f87917a7018ca880b4126fe55e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' blob: *.brightcove.com ; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: http: *.images.express.co.uk *.images.dailyexpress.co.uk; media-src https: data: blob:; font-src https: data:; frame-src https: data: blob:; connect-src https: wss: blob:; object-src https:;
Strict-Transport-Security max-age=180

Request headers

:method
GET
:authority
www.express.co.uk
:scheme
https
:path
/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://shr.gs/kWQbz0R
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://shr.gs/kWQbz0R

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2019 16:12:37 GMT
server
nginx
x-ua-compatible
IE=edge,chrome=1
cache-control
public,max-age=180
content-security-policy
upgrade-insecure-requests; default-src 'self' blob: *.brightcove.com ; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: http: *.images.express.co.uk *.images.dailyexpress.co.uk; media-src https: data: blob:; font-src https: data:; frame-src https: data: blob:; connect-src https: wss: blob:; object-src https:;
strict-transport-security
max-age=180
expires
Thu, 21 Nov 2019 16:15:37 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZfHiYVijJ6MXeNgFSCoDCRilF5x6bo5XOpzoGiI9I5jBhcy83ZFKLw==
70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
scripts.webcontentassessor.com/scripts/ 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-62.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
190d9f8c18f5fc92ad2f29f95bd5e0fb0ea273718a5ee61fd418537180e0dfbb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:16:43 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 15:04:04 GMT
server
AmazonS3
age
3355
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
x-gHg3886PL2yFNJ0yuhIJGQiaHkZjbfi4If2t4TON__PkIAm0o6LA==
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
vendor-header20190523.min.js
cdn.images.express.co.uk/theme/Responsive/js/dist/ 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1736daaeadfccedf08c180425fc810c77ff528696691940d49a27545cc0ea6e9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:48 GMT
content-encoding
gzip
age
11389310
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 11:19:10 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Yl38r2nVh8r3P9Yj3z2PDuunLw0X97fDoGQy-ANGDaMvxXrJ7nEFiA==
cmp3p.js
consent.cmp.oath.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cmp.oath.com/cmp3p.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECD (fcn/40D5) /
Resource Hash
5bfb8ad6d8d501fd1e8f6bf2fd61e315735bf56cc94ab79911ea0a0019916aa9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:37 GMT
content-encoding
gzip
x-amz-request-id
21F520426E87DE4E
x-cache
HIT
status
200
content-length
9438
x-amz-id-2
EB5tnt+YFJSyFJ7pRxkl8QF7W8jGMnkuGDu9iAIZRoGxbM9z0VbR1aEtWM3N1eB/ZhEfBLM/daI=
x-amz-expiration
expiry-date="Thu, 26 Nov 2020 00:00:00 GMT", rule-id="aolp-ds-prd-cmp-us-east-1"
last-modified
Tue, 22 Oct 2019 16:52:55 GMT
server
ECD (fcn/40D5)
etag
"8163e43872580b2f6f7d16a96a683951+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Thu, 21 Nov 2019 16:17:37 GMT
app-init20191121.min.js
cdn.images.express.co.uk/theme/Responsive/js/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcb9b6b422c65923b0ae2435307bea3664996e355379dc2b1d341402bea111ba

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 10:01:38 GMT
content-encoding
gzip
age
22260
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 21 Nov 2019 08:48:50 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oOsLVmScn4ytcQpXNBxyRUxDbaZ9EnZYTa68ZfYaPlydZTxt-ysVXw==
channels.cgi
trinitymirror.grapeshot.co.uk/national/ 		404 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trinitymirror.grapeshot.co.uk/national/channels.cgi?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.64.56.194 , United Kingdom, ASN200981 (GRAPESHOT-UK-1, GB),
Reverse DNS
server194.hml.grapeshot.co.uk
Software
/
Resource Hash
12f44c13b4c354151a29c98ced217e546657f4fbe668c4d51e2eabc6653fc064
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Connection
Keep-Alive
Content-Length
404
Content-Type
application/javascript
utag.sync.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.sync.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8C91) /
Resource Hash
82e92136be291488f0755e572386d60e2e945ca1eb54d55703c5aaa5560b3336

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:37 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 15:08:54 GMT
server
ECAcc (lha/8C91)
etag
"583176688"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
1713
expires
Thu, 21 Nov 2019 16:17:37 GMT
css
fonts.googleapis.com/ 		13 KB
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Open+Sans+Condensed:300,700%7COpen+Sans:300,400,600
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
cf30cedeb987a5fd3ce2c458fe515fecb3e6805c6d364b2c5ef69b4a59cbf90e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 21 Nov 2019 16:12:37 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 21 Nov 2019 16:12:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:37 GMT
app20191121.min.css
cdn.images.express.co.uk/theme/Responsive/css/dist/ 		332 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9174c07f970ba7944bf1e17f96c8a6ab70c3e559a6c006e41a88a40ba9b83bf0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 10:01:36 GMT
content-encoding
gzip
age
22262
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 21 Nov 2019 08:48:51 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
iJyfODXDwVPxj7KYugOIluLuV2a4zbXEaevC3a7-tn7C3lLgZBufew==
gigya.js
cdns.gigya.com/JS/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.gigya.com/JS/gigya.js?apiKey=3_BBXBRC0QUUloJ0Hujw4HOY17aLrL0Uy8FDx59O4-PrYbWWtrnCBKphB69PH9tXSb
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.110 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6893bc326beb26f9d6152d1a7479f457f5af57f66d99936938026368ca2e5710

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:37 GMT
Content-Encoding
gzip
X-Soa
true, Gator
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-CallID
6dc7a80e6ed4460087c5b79b568f29cd
Cache-Control
public, max-age=900, s-maxage=3600
X-Server
us1d-nomad-g10
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
103571
Expires
Thu, 21 Nov 2019 16:27:37 GMT
bundle.js
www.spot.im/embed/modules/launcher/ 		245 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spot.im/embed/modules/launcher/bundle.js?module=messages-count
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.63 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x03f.map2.ssl.hwcdn.net
Software
/
Resource Hash
d629949a714b64d9cddb6c0bf7cbf356ddb21821c4a36792c62b0edccba858d6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:37 GMT
Last-Modified
Mon, 24 Jun 2019 15:40:16 GMT
ETag
"1561390816"
X-HW
1574352757.dop132.fr8.t,1574352757.cds142.fr8.shn,1574352757.cds142.fr8.pr
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
251097
sfp.js
native.sharethrough.com/assets/ 		397 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.40 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4eb38fb30f4223025a1a2129eeb6900e4083ab14b34deef2c3679b8e5c4d6577

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 10:04:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 17:04:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
Uqrz2j303Y0V9v-nRFdliac5N0f_Ftjjb5FeZV-E_lobFFV_BPpQfg==
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
expires
Wed, 20 Nov 2019 18:04:02 GMT
1eWNpP6x0acZ
cdn.onthe.io/io.js/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.164.216 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f55a5dc4a864122259790ca861842fa67dd29f310bc180ec6c20b0919896c1d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2019 10:15:43 GMT
Server
nginx
ETag
W/"5d0b5ccf-f997"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Expires
Mon, 28 Oct 2019 10:17:43 GMT
placeholder-horizontal.gif
cdn.images.express.co.uk/img/page/ 		43 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/page/placeholder-horizontal.gif
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e568073a900787fc46710900fe2556d4a6c7c7469ca1da96def7e8585e032b2

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:48 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389310
x-cache
Hit from cloudfront
status
200
content-length
43
last-modified
Mon, 03 Jul 2017 10:59:57 GMT
server
AmazonS3
etag
"4fbc394c3a6963668a320c2439494183"
access-control-allow-methods
HEAD, GET, POST
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
HC2fgpPO2wsmuzOUVXVXFssjGTrJnDaHieRHyGOMDNbkfgkRryAzCQ==
expires
Mon, 3 Jan 2022 12:08:50 UTC
Windows-10-Update-Malware-1207000.webp
cdn.images.express.co.uk/img/dynamic/59/590x/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/590x/Windows-10-Update-Malware-1207000.webp?r=1574322558487
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46f6f250c349f2c386754d2dcfcc2e7bd41766f6aec587d2a0e21f823584ec01

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 08:03:54 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
26556
last-modified
Thu, 21 Nov 2019 07:49:24 GMT
server
AmazonS3
etag
"dfcaea2cc2ea956ed8dff5d089a0f2e9"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
me8w-ty-XIyBcbMrEcxJPENBxO-oKpzElspo4Md49CJdZTbTjJgKgw==
1205726_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1205726_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95c84c9434b9a53d11b1f194a692128d3880476c2a9462f4b528d1edddcdfd67

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:53:04 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
15803
last-modified
Sun, 17 Nov 2019 22:38:39 GMT
server
AmazonS3
etag
"80cb311d105dfa26e1d415967ca3bcf9"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
l8-eTGfWPy1bNNjcZSNagQ5NXVJZCnA3QKbtrOAAaAZQ1KimJF2Ufw==
1206486_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1206486_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf72482b7ae41ea7b071271fc38688c008a6cafbfd4149ed17eb21885bf1ca16

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 07:18:39 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
11051
last-modified
Tue, 19 Nov 2019 17:05:16 GMT
server
AmazonS3
etag
"0c87a269f4e2d082f16787397f88a121"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
XDCM1lusI3GzvIIdys980vBySk94DqABQqwUbR94okZjwg40nQutiw==
Windows-10-Virus-2175249.webp
cdn.images.express.co.uk/img/dynamic/59/590x/secondary/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/590x/secondary/Windows-10-Virus-2175249.webp?r=1574322563968
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4224e10bdeb1f864418374e6ad5ad4a94a7f1b3d656d19067c76df09e6ff227c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 08:03:55 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
19706
last-modified
Wed, 20 Nov 2019 16:05:35 GMT
server
AmazonS3
etag
"c7dd60ff4c5786b42872a2681d744268"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
BK6EC6lX6WZrfGCO-W8Q63IWJQRlTMFZsIuZGerwRMJb9nsdtpIVDw==
index.min.js
players.brightcove.net/2540076170001/VLKU4hbDPX_default/ 		995 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.159 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-159.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1ee6e5bd0cb84577bbcc4b8db73073b1a43a68e4881355e70cdfcb8268f151c9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
F86l26RFX1VEwjF0hRYWe.lD35hCzf6J
Content-Encoding
gzip
x-amz-request-id
FB9F896726E068FC
Date
Thu, 21 Nov 2019 16:12:37 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
267594
x-amz-id-2
0+1pmWMYDypVkcGNiYJ26hh0IdyuNpzNgV6oWd0ij3Y4FTRqG8VrTmAhG77CemsU0Jt9nZLp3JQ=
X-BCOV-Response-Mode
1
X-Served-By
cache-hhn4035-HHN
Last-Modified
Thu, 03 Oct 2019 14:10:57 GMT
Server
AmazonS3
X-Timer
S1570112144.084181,VS0,VE2
ETag
"5eefef2ec7dbb228ac8e67c5ac234218"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=274
Accept-Ranges
bytes
X-Cache-Hits
1
outbrain.js
widgets.outbrain.com/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1748a106aac15f3bf5c54191ca758c644ce07d25ff682209e7aa167e98541b4a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"7bf03175fbe347659baebacf5cade1bd:1574344778"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
37498
sp_9LMINbK9
recirculation.spot.im/spot/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://recirculation.spot.im/spot/sp_9LMINbK9
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.19 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

access-control-allow-origin
*, *
sp_9LMINbK9
launcher.spot.im/spot/ 		235 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_9LMINbK9
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.17 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
06c14672684f33cc86da5a83b017a0339f4e1f25bc33e370bb9d355dfc0f80f4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=79
x-envoy-upstream-service-time
2
content-length
49826
expires
Thu, 21 Nov 2019 16:13:57 GMT
1207528_1.webp
cdn.images.express.co.uk/img/dynamic/79/132x88/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/79/132x88/1207528_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9efdf82e2faa47ad038553127d3e69541dfdf878c04307a8796ed1a472dc3d4f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:08 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
151
x-cache
Hit from cloudfront
status
200
content-length
2878
last-modified
Thu, 21 Nov 2019 16:09:14 GMT
server
AmazonS3
etag
"44ed812d03eabb4a719763101586dbad"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
cfto4wsfFa8KtPznYr9dtIh3dW9TEc3X5bmy2Gz4v6TJe2I_9HPXxQ==
1207520_1.webp
cdn.images.express.co.uk/img/dynamic/36/132x88/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/36/132x88/1207520_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a9a44a6ded7317780cda764f8ed8dbe43041e0cfaaa1f4f2edc0e16dcde8543

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:55:38 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
114
x-cache
Hit from cloudfront
status
200
content-length
3296
last-modified
Thu, 21 Nov 2019 15:55:10 GMT
server
AmazonS3
etag
"ea99d655c09dc9e352d2d6fdd5ec4627"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
NUl6x5UWAWixZSsyWcZAawVlbrl5YgSV_sCyAJ60Zc4RChuVGyTiAw==
1207515_1.webp
cdn.images.express.co.uk/img/dynamic/79/132x88/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/79/132x88/1207515_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0337bdb1379b865ff9263c3588ffae213e27a95de9e8cb81fab92dc7a28a872

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:36:42 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
20
x-cache
Hit from cloudfront
status
200
content-length
3338
last-modified
Thu, 21 Nov 2019 15:34:10 GMT
server
AmazonS3
etag
"b4e3248e56bfb38388d2f761ea19ace0"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
e_BBnuetXFGdKI3hFaE2xvS6FT8XGAHsxZiE8su-pX3U67p_A4P_KQ==
1207514_1.webp
cdn.images.express.co.uk/img/dynamic/23/132x88/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/23/132x88/1207514_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
029774867da65181bbb235527790df5d67d29f732db0cdb4cc6393335606d3d4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:35:42 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
65
x-cache
Hit from cloudfront
status
200
content-length
3052
last-modified
Thu, 21 Nov 2019 15:33:51 GMT
server
AmazonS3
etag
"6dce11a36270aea44689f78697370b88"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
5wTRMcAtA2dPGtVci77VKI9Ko5wePx_2LIr6s8zY0ioSDXSOoad8rg==
1207512_1.webp
cdn.images.express.co.uk/img/dynamic/67/132x88/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/67/132x88/1207512_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46446e08c694ab843d14b281d43845ae2c21a2a3a312363a5dd7575fd2f77853

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:33:10 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3696
last-modified
Thu, 21 Nov 2019 15:31:59 GMT
server
AmazonS3
etag
"e7d8b459bc491be8e18b2ed08a092af6"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
WWL8fyVOH0jZyo3iZ2UCpTfOGXOitC15nq2ZRN2BhmRfJNERYJkE6A==
1207341_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207341_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4a69211b6c53d1cbbcd83d1889e947f090d34704a83edafaeae612c07e42247

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 09:52:13 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
5890
last-modified
Thu, 21 Nov 2019 09:47:29 GMT
server
AmazonS3
etag
"8e199c14c07f9d7f5b46fb08868e1ad6"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
9Pk6fnr3LXnV1GpKrmAv1ab0SOtTFImwA0D7j_Mb6dN9_lPg-ginMg==
1206941_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206941_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c54f2d72e7a8b521ade38e605113b44cc9b27c2f3c91e34b38cfe3801f8f1dba

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 07:04:38 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3950
last-modified
Wed, 20 Nov 2019 14:21:47 GMT
server
AmazonS3
etag
"931324d0c27c6fc169da9bc9fa8357ad"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
baVBBdz0-gw-6aLkP33qdIEO5J2JDd23bVIl_fm9ydYacnv5SzF0VQ==
1207077_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207077_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fe5d2c22cdc8c40ff73d008cf62e37b3562ce56c31045590c29236f5cb5090c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 06:31:12 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
1784
last-modified
Wed, 20 Nov 2019 18:11:14 GMT
server
AmazonS3
etag
"89574170dd6e3c3e5ad25db2faa776ef"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
fCWlFjs0Wb9OD1s3eT8yFIhuDLo1PheVlvXfc6VLYI0fQw7TgGi-HQ==
1207064_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207064_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35a645b45441c92532ede683748cf99a90b6624b074e9a6813fdc82576797776

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
4186
last-modified
Wed, 20 Nov 2019 17:57:11 GMT
server
AmazonS3
etag
"9fa0b7683ca70cffd8039cf09cff92cb"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
aaTpAQ-DflExWVmYayfCilUvE8KCI4ABsvMvxYp1wse_gBdfEdmobA==
1207019_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207019_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba29172452d4111625d63dad135641dbec15ed3c2acc940334e3de725a67e5ab

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
7378
last-modified
Wed, 20 Nov 2019 16:33:46 GMT
server
AmazonS3
etag
"a56d69ebaff5e96754f3e967147e11dc"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
vzmiVHE4FrN5QJ-Bf0bgF0zrG2SC2knXCUmHibiZjuT3OkvnnwtKDQ==
1206869_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206869_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a01c389e65b713a87a5112f08364cd3940bcb5c8830e3e13020cfe089acea0e2

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 06:07:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3322
last-modified
Wed, 20 Nov 2019 12:02:59 GMT
server
AmazonS3
etag
"2928cb8d1bfeba5bf462b6ea4344a45a"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ANmtBHPb8ikqAZOMTxJLZiH4S6YoFEb0RaPyUbrTFmu_JD2P_xOa8Q==
1206297_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206297_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90eab2c47655ab739354140cb3da51d1f8540a230cf60714d54fcd435bef17fe

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3674
last-modified
Tue, 19 Nov 2019 10:18:58 GMT
server
AmazonS3
etag
"5d2b1ee7d17f6a25ce86c5a955196b40"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
h_Bo1_Rflak5xIobupw26LQ8g6L4Bny3lMojwEO5zzJZ7qLgiXZ1dQ==
1207277_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207277_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1f7751489d7af61fd91412ebf16b49503a34961534bd38968c981bdfdc8a40b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 06:29:36 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3018
last-modified
Thu, 21 Nov 2019 06:28:43 GMT
server
AmazonS3
etag
"e757e131468ceb40143adcf1de330a77"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
xrHySNKNeUEd6Cagrw6PUCLURm7cnt8qZv-lH9gbdIEmE_hRyWgyFg==
1206532_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206532_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
817c5232700935d6da93c0b25abdd1ee327a1d4fc6e9457c7b34648373ca2b55

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 06:48:13 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
4116
last-modified
Tue, 19 Nov 2019 18:41:15 GMT
server
AmazonS3
etag
"8fe8c9d42e237a01586422ed1eede984"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Lsi-IXWZxcRWJQnU8av4qHjKp51NijWrbQap69gIa7p4zvmzOYe_Ww==
1207307_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207307_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cdd7c1fdbd3d989a5b456b75ab464e994b635babea2181997ab3eafe9aab4b2

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 08:47:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
6632
last-modified
Thu, 21 Nov 2019 08:46:32 GMT
server
AmazonS3
etag
"238a733917168a6a12344cb8c6fb1d6a"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
gOpIuzqhKb8_Zgg-yeklKYNmvb1N2oTHHHgxOk8MVNEQrOi3DhoTCw==
1207466_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1207466_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4da39c862f172e05ebf4e2872c850dee65639f15503811dd0eef2752c51e3cf

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 14:05:34 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
2888
last-modified
Thu, 21 Nov 2019 14:03:12 GMT
server
AmazonS3
etag
"3d090279e450e72eaba2a29b07b83039"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
3W5UJiNphr72d9QNIKa6Ffr-Htz27e-WYIJT4fBZ1tTp2Jmr8NCpOQ==
1206013_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206013_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55a85852f4569ca6186fc753e723c4f5dd10bff8530b7a0c8ddff306564d6832

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
2508
last-modified
Mon, 18 Nov 2019 16:12:15 GMT
server
AmazonS3
etag
"6fa4f82d8d9d037a7b4d59a0250bd31c"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ybQolbS-igQzkpAhZF2flKsrK4N-jB3KnjUyy0gTG_Zc0mRjyZi0_w==
1206588_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206588_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a16b81383f078e01de183c7709ce5bd9462b01bc1ec2cddb0335427940e2af52

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
5736
last-modified
Tue, 19 Nov 2019 20:43:51 GMT
server
AmazonS3
etag
"ff97d9942eb9fe6a8547874704e6b7ec"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
PJy2vPTEG6n9NUDkfq-qlzoykB-A5HtdS92CN7kTTPYFvmJ6qZK-OQ==
1206760_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206760_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1056b2e0c8ec8a1c0cb2607ccdcf36e65d3bf2a79743e6e757076f7ed04fca5f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 00:28:13 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3992
last-modified
Wed, 20 Nov 2019 08:59:47 GMT
server
AmazonS3
etag
"a13e1f6b95c4d17014e171773ca11d1f"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
N9BlxUbbLBDWnG2ogPpx8glN2Vwo07-3Sq4iBC3bzIwWb8iM4KYkSA==
1206551_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206551_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832576858d837e252a4c6eeb3e927750eba3ecbed375a99e047a26b2b3a17503

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 06:31:13 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
5462
last-modified
Tue, 19 Nov 2019 19:19:09 GMT
server
AmazonS3
etag
"ecd3a961450a4477c2388a70cae9e2e8"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Pq4lWIEFmSy3ifCqzsQSI8SJFAN1vm2KFaZGHO5TD46hxApTrGuDwA==
1206111_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206111_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6a235b7e89648692b07fd4c4ac0f74c8c6e1a638a7606c311be477d0669a632

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
6274
last-modified
Mon, 18 Nov 2019 20:42:22 GMT
server
AmazonS3
etag
"9871435befac644d3ef4e0d57a0cccd8"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
C8sy0F1IUBEduspmT-YW83h_KQMCbBgmAjGTPom_2ikp9zSveamTKA==
1206486_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206486_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a15e6e643611c8ec824f1322bf0649cc06b7c92bc2f8836d935f081a98a2ae84

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 06:02:16 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
4556
last-modified
Tue, 19 Nov 2019 17:05:17 GMT
server
AmazonS3
etag
"664b28b35f53c75277752efa7913f87b"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Hov43tHnfaGkNjY5BqPUAs787c3CYDH4bP16C-kzmJZQI0wHR9qTow==
1206321_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206321_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
880a8c1eb7358564c4ec64bc7cc0aa734896055b8132cc2a43c9a14d1892cc21

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
3486
last-modified
Tue, 19 Nov 2019 11:11:54 GMT
server
AmazonS3
etag
"cd5d7ed240e476988791922c34cd8ebe"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
KIx5eryrdS64NbjFt4zG2oJYigEYeHpv61RF-eMgBQf_wkAfEW_J0g==
1204861_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1204861_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af441afd760e7a84b7687c90bd9015099ae1fa4fab29173bec4d0adc99bd61ee

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
4154
last-modified
Fri, 15 Nov 2019 12:04:12 GMT
server
AmazonS3
etag
"7d00cd7aba644c5fcf3b6e844b3d56d4"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
4XbB3d1ZQBEE25dGaD3l50SrIXwSDk4Tutm_pGwrvU50X5Q-LS_Zxw==
1206489_1.webp
cdn.images.express.co.uk/img/dynamic/59/183x122/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/183x122/1206489_1.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4ed34014b1eeee0f37d21025060380bd90a9f8fdf0dfc9a0f1fd118a5cb19ed

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
content-length
5568
last-modified
Tue, 19 Nov 2019 17:16:14 GMT
server
AmazonS3
etag
"7e6dbe36fd1150f84a391b535e6bd8ed"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
OCQoe8v3jpFDmmDVuvC-TZZF1-mahFVSFxkoet7t9pG0uXMGWHXDYQ==
jquery.scrolldepth.min.js
cdn.images.express.co.uk/theme/Responsive/js/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/js/vendor/jquery.scrolldepth.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327f01ac5f92e7ccabcb54fa03ee98eab899e454ec1fd2fc1cb806878eed437e

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sat, 09 Nov 2019 20:31:21 GMT
content-encoding
gzip
age
1021277
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 18 Sep 2017 11:11:05 GMT
server
AmazonS3
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=2592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EfaWwuUJRvxVuCTahU5eJSOspMWKWsOgft8I8OAnfKki147dgkNEtQ==
expires
Sat, 1 Jan 2022 11:11:00 UTC
front_2019-11-21.jpg
cdn.images.express.co.uk/img/covers/70x91/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/covers/70x91/front_2019-11-21.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71d204579737c43e617e798ef5b5e92bbdd9efae13956cfd1717878a8773dc28

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:09 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
150
x-cache
Hit from cloudfront
status
200
content-length
2807
last-modified
Wed, 20 Nov 2019 22:30:51 GMT
server
AmazonS3
etag
"963c2d5ced65aa1f3a6ae1ef107b9c91"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
MKCPUbNFlNeYz-fDQj5vZ1VkLIDszAsmrKy8NCyuMRCDPu3BnH2lfQ==
conversion.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e9c0379e100c6f38cb43c0109421d634144001e4292714810065b6c58f2ca7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9545
x-xss-protection
0
server
cafe
etag
15623976075421188719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Nov 2019 16:12:37 GMT
vendor-footer20190523.min.js
cdn.images.express.co.uk/theme/Responsive/js/dist/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-footer20190523.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a1e2ed870b560f3557ed3006ee1b4e8e1e05f3798d56e142bb615f3188212b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:48 GMT
content-encoding
gzip
age
11389310
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 11:19:10 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
J7acfIuux0N2tlOedndAJWgYLc5JPOpyQG8AyXEpKgeL4yewSZ6Axg==
app20191121.min.js
cdn.images.express.co.uk/theme/Responsive/js/dist/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/theme/Responsive/js/dist/app20191121.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce2faa449d2aba085ddcf7a163a35e866bfc02f229139ccfc5406f959f1758fb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 10:01:39 GMT
content-encoding
gzip
age
22259
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 21 Nov 2019 08:48:50 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jhxVtB1U2foQgtzdKlMkIWquExRATVfGfpvPOgeTxplGycxVk2-5uw==
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:37 GMT
content-encoding
gzip
age
28769
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4044-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1574352758.658029,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes

Redirect headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Nov 2019 16:12:37 GMT
Server
ECS (fcn/41A1)
Content-Length
0
Location
https://static.ads-twitter.com/oct.js
ACCESS-CONTROL-ALLOW-METHODS
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
socketcluster.min.js
cdn.images.express.co.uk/js/vendor/ 		94 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/js/vendor/socketcluster.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b32285045375aef8395099224e7b6ce5cd08cb9cc9085fd40647d6a82ba1562c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:48 GMT
content-encoding
gzip
age
11389310
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Fri, 12 Oct 2018 13:02:33 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7hT1MpkE3IE_JcqBhMwKbekCQC56TYtKUfNZEA2fuvhjzWmw3csdOA==
breaking-news20190509.min.js
cdn.images.express.co.uk/js/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/js/dist/breaking-news20190509.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c925d301ad8ab1c335bd096b9c622a8b76df99212f6fdee2b1f0591fc84458a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:48 GMT
content-encoding
gzip
age
11389310
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2019 10:49:02 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
0gVVmIewJzgscND6D9b1lzrBnUMrEuL2CWVu5NEcrDpjWiIDQ_zAyA==
tag.min.js
get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:f400:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9a0b5e3c7d47198f50124c220ff593348e5d7a62385eff10baf6109f3366c3a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
FTMn6gQAEVLcJ9dPVGwNREasp75H20oJ
content-encoding
gzip
last-modified
Fri, 13 Sep 2019 09:36:49 GMT
server
AmazonS3
age
2274
date
Thu, 21 Nov 2019 15:34:45 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
BLtKuVwOERS4sBuhFdKVnYS_LqEYS-zdvlUJAvIMHc5OTwZ0Ye_0tA==
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NX7XL77
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
109542980c848150011121fa6d77adfcc90c968282db39f9d7846a43153f96a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
br
last-modified
Thu, 21 Nov 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25439
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
wtat.page-hb3.min.js
cdn.watchingthat.net/ 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.watchingthat.net/wtat.page-hb3.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b0279812eb54bc321b3b11fcfdd21360f264236c7259bbdee7d124d8bd78674

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Fri, 26 Oct 2018 11:19:21 GMT
server
AmazonS3
x-amz-request-id
34554DAD17E2900A
etag
"17abd14ddde6abefcbed550edf5aeede"
x-hw
1574352758.cds056.fr8.hn,1574352758.cds126.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=1970
x-amz-version-id
null
accept-ranges
bytes
access-control-allow-origin
*
content-length
40416
x-amz-id-2
aaxxaG+n6BAshvevq4MfKtXmPjFD6etMZN0zaa/Z3fewAMO2wFHkjkaqJudVwXqEVmnym/+JDh4=
183871-280760540362456.js
js-sec.indexww.com/ht/p/ 		133 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183871-280760540362456.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
556b0bf80a8bef680124ff8e63b24f0fb920e52b03cbc88780d525bebf716b02

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 16:10:14 GMT
Server
Apache
ETag
"9036f3-21543-597dd885ce7b7"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3570
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
40301
Expires
Thu, 21 Nov 2019 17:12:08 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:9800:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:08:23 GMT
content-encoding
gzip
last-modified
Wed, 14 Aug 2019 01:44:12 GMT
server
nginx
age
3855
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mzQECDullli7-e7BrruL0oZDlAyXOu5OcQN5XygF8s063KhL0kzDuw==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
expires
Thu, 21 Nov 2019 17:08:23 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-124-133-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Fri, 22 Nov 2019 16:12:38 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5941
date
Thu, 21 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 21 Nov 2019 16:33:37 GMT
bundle.js
app-cdn.spot.im/modules/messages-count/3.3.435/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-cdn.spot.im/modules/messages-count/3.3.435/bundle.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.27 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2758c030ad0e7492643f4ca4a7f7f6b4c633e1010707b3afe4742ebf72a7020d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
KWT5b2XWpxa4CLSbfCC7v9g4HxLj4.WI
content-encoding
gzip
last-modified
Mon, 12 Mar 2018 16:33:17 GMT
server
AmazonS3
etag
"4e35ce0f3c86079feb518742b8ae8648"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, no-transform, max-age=2592000, s-maxage=31536000
date
Thu, 21 Nov 2019 16:12:38 GMT
accept-ranges
bytes
content-length
10180
x-amz-cf-id
_Y8Z-5wE-W2EspBfvDBKDUTvOYyek_eDu2utvk6ludMUXhiFmZTMrQ==
expires
Sat, 21 Dec 2019 16:12:38 GMT
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05d89a841cb88d2bb5e6de14d30b6c0e71a0f8951d0fd73904cd5cf767b300ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"343 / 764 of 1000 / last-modified: 1574348806"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15644
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
cmpui.html
cdn.images.express.co.uk/cmp-19.4.4/dx/ Frame CFAF 		372 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef68f00ee373a2138326e1eda9e2ea1a6c8d301965699d67c82ccdb753ae7e5

Request headers

:method
GET
:authority
cdn.images.express.co.uk
:scheme
https
:path
/cmp-19.4.4/dx/cmpui.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html
content-length
372
date
Fri, 27 Sep 2019 06:44:53 GMT
access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-expose-headers
Access-Control-Allow-Origin
last-modified
Mon, 10 Jun 2019 15:38:20 GMT
etag
"787a5af29b665f46f19f8c27f1b16939"
cache-control
public,max-age=32592000
x-amz-meta-cb-modifiedtime
Thu, 25 Apr 2019 11:42:00 GMT
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YyMb7ZlIWz05A3QxPvrQYPC0YIQO96k_tfYOzSB8y9i9qaYyKjQANw==
age
4786066
utag.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D71) /
Resource Hash
a4776b92245ca7a79ce8723a83b8e4796fbe3105b139dcea0f3763717f8d71eb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 15:08:55 GMT
server
ECAcc (lha/8D71)
etag
"170211693"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
9438
expires
Thu, 21 Nov 2019 16:17:40 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=41764:uniques_instantly[domain:www.express.co.uk,url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,page:Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!,author:Aaron%20Brown,language:en,category:Life%20%26%20Style,sub_category:Tech,type_article:longread,reference_time:230,pub_date:Thu%2C%2021%20Nov%202019%2006%3A01%3A00%20%2B0000,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F78.0.3904.97%20Safari%2F537.36,device:desktop,browser_version:Other%2078,browser:Other,referrer:shr.gs,first_source:shr.gs,depth:1,user_type:new,user_id:2062cca43.72fb7bad0_1574352758031,session_id:f3a9438ad.b769febc7_1574352758082,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&1574352758082
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/uniques/ 		33 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/uniques/?current=21&holding=d41d8cd98f00b204e9800998ecf8427e&hash_user=2062cca43.72fb7bad0_1574352758031&1574352758086
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=41764:visits_instantly[domain:www.express.co.uk,url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,page:Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!,author:Aaron%20Brown,language:en,category:Life%20%26%20Style,sub_category:Tech,type_article:longread,reference_time:230,pub_date:Thu%2C%2021%20Nov%202019%2006%3A01%3A00%20%2B0000,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F78.0.3904.97%20Safari%2F537.36,device:desktop,browser_version:Other%2078,browser:Other,referrer:shr.gs,first_source:shr.gs,depth:1,user_type:new,user_id:2062cca43.72fb7bad0_1574352758031,session_id:a1845dca8.aeab6b708_1574352758092,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&__io=2062cca43.72fb7bad0_1574352758031&1574352758092
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=41764:pageviews[domain:www.express.co.uk,url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,page:Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!,author:Aaron%20Brown,language:en,category:Life%20%26%20Style,sub_category:Tech,type_article:longread,reference_time:230,pub_date:Thu%2C%2021%20Nov%202019%2006%3A01%3A00%20%2B0000,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F78.0.3904.97%20Safari%2F537.36,device:desktop,browser_version:Other%2078,browser:Other,referrer:shr.gs,first_source:shr.gs,depth:1,user_type:new,user_id:2062cca43.72fb7bad0_1574352758031,session_id:094adc0cc.d597f2e4e_1574352758098,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&1574352758098
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
head2_icon_07.png
cdn.images.express.co.uk/img/weather/png/52x52/ 		414 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/weather/png/52x52/head2_icon_07.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2539ef22c97f8a2e1f7f0bcd07bbeb7043e7adaa8e14f41fd3443abc6c30ea48

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:31:32 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389267
x-amz-meta-cb-modifiedtime
Fri, 12 Oct 2018 10:15:58 GMT
x-cache
Hit from cloudfront
status
200
content-length
414
last-modified
Fri, 12 Oct 2018 12:24:04 GMT
server
AmazonS3
etag
"e922a3884411a065b45b87fd17857957"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
VkYoSENJZLoDwU1H05_n5LWftX53LTdPkwRd0ncmzFzInWEl8G_BgQ==
header.png
cdn.images.express.co.uk/theme/Responsive/img/page/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/theme/Responsive/img/page/icons/header.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2db1636a03ded06c126389ec4c994bc6f2c675ddab40d4b5c6fd9467dd65b5bc

Request headers

Referer
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:49 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389309
x-amz-meta-cb-modifiedtime
Fri, 12 Oct 2018 12:02:46 GMT
x-cache
Hit from cloudfront
status
200
content-length
2305
last-modified
Fri, 12 Oct 2018 12:12:47 GMT
server
AmazonS3
etag
"f56969f913a0f2e4effbe9b9cb809dbc"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
G4rMUKrCtDf85gmi-jrsWrb6PfRk8dVKaPwyT0dCOQBHmH39O8hNQg==
common.png
cdn.images.express.co.uk/theme/Responsive/img/page/icons/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/theme/Responsive/img/page/icons/common.png?v=437
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18d224bb28692ee8b1f6415513ff417143e9a5ddc5d7a52e0c233304bf246308

Request headers

Referer
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 20:34:44 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
3785816
x-amz-meta-cb-modifiedtime
Tue, 12 Feb 2019 10:27:55 GMT
x-cache
Hit from cloudfront
status
200
content-length
7827
last-modified
Wed, 17 Jul 2019 11:29:24 GMT
server
AmazonS3
etag
"f186db462f51d5cbe9d96a1ae5c24536"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
LLWwfU1WCSWltMROZj6ybzhL-ys85xGZ6ieeW4IC3erG89KsOaelTg==
preloader.gif
cdn.images.express.co.uk/theme/Responsive/img/page/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/theme/Responsive/img/page/preloader.gif
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef25b9d3d8f48f3a0f8b96f3a287382cf19f23af16546ce72e4bf6f77fb2970b

Request headers

Referer
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:53:42 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
69537
x-amz-meta-cb-modifiedtime
Tue, 12 Feb 2019 10:31:20 GMT
x-cache
Hit from cloudfront
status
200
content-length
6008
last-modified
Tue, 12 Feb 2019 10:31:40 GMT
server
AmazonS3
etag
"88707fd32acdc257d1595193815a3575"
access-control-allow-methods
HEAD, GET, POST
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
5IkW0DlBJxSQHdW3ni5RYZCYrm8P8y2HDjw703HOEotpKA_AqGNERw==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans+Condensed:300,700%7COpen+Sans:300,400,600
Origin
https://www.express.co.uk

Response headers

date
Tue, 19 Nov 2019 09:15:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
197805
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Wed, 18 Nov 2020 09:15:53 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans+Condensed:300,700%7COpen+Sans:300,400,600
Origin
https://www.express.co.uk

Response headers

date
Wed, 20 Nov 2019 23:29:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:28 GMT
server
sffe
age
60203
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10228
x-xss-protection
0
expires
Thu, 19 Nov 2020 23:29:15 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans+Condensed:300,700%7COpen+Sans:300,400,600
Origin
https://www.express.co.uk

Response headers

date
Wed, 20 Nov 2019 01:17:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
140083
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:17:55 GMT
f3179a17-e8db-44a5-a8a7-96b657063ae2
https://www.express.co.uk/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/f3179a17-e8db-44a5-a8a7-96b657063ae2
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
access-control-allow-origin
*
etag
"f30dac97e5c2aaa10a7695b93cc66699"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-cache-hits
1194305
timing-allow-origin
*
content-length
7231
x-served-by
cache-hhn4065-HHN
iris.adaptive.js
ovp.iris.tv/libs/adaptive/v2/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
791ce2df32893b6a98e7f88420bfd401968e28222ff2277e4224356204f636d3

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
QflvV1_sw9UB_xTV1D5LLXlxrKF0Yo9K
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
last-modified
Wed, 20 Nov 2019 15:40:29 GMT
server
AmazonS3
age
97
etag
"482c35eb3a2f5944ebe644b23ecbdaf1"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Thu, 21 Nov 2019 16:12:05 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
125821
x-amz-cf-id
9UNk0ZcsVXWjtmKN4vg6NvqmT8uIIUWZtpXafAU3fmFPa2KF6pK4AA==
5454038390001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
03d7e892-cb64-4415-91c3-01103efaeb94
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-02dadf9452cbfedda, ce8ca2e, 2019-11-21 16:12:38.360Z
Date
Thu, 21 Nov 2019 16:12:38 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
0yoR8osgANSnYFG6YITfwIphuJc-LZ_VHLaGui-Fb5vVtBekbHewag==
tracker
metrics.brightcove.com/v2/ 		35 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=player_init&time=1574352758216&seq=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5454038390001&time=1574352758229&seq=1
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b03be18e07e94ff40f413fd0a41d6f374b0d3df44e951baa53295099e2c3642

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

Content-Type
application/font-woff;charset=utf-8
d3d3LmV4cHJlc3MuY28udWs=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmV4cHJlc3MuY28udWs=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=26187
Date
Thu, 21 Nov 2019 16:12:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Thu, 21 Nov 2019 23:29:05 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&usage=inpage-embed&event=player_load&time=1574352758294&qos.performance.memory.jsHeapSizeLimit=4345298944&qos.performance.memory.usedJSHeapSize=18360558&qos.performance.memory.totalJSHeapSize=20474102&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1574352757425&qos.performance.timing.responseEnd=1574352757428&qos.performance.timing.responseStart=1574352757422&qos.performance.timing.requestStart=1574352757302&qos.performance.timing.secureConnectionStart=1574352757293&qos.performance.timing.connectEnd=1574352757302&qos.performance.timing.connectStart=1574352757288&qos.performance.timing.domainLookupEnd=1574352757288&qos.performance.timing.domainLookupStart=1574352757280&qos.performance.timing.fetchStart=1574352757279&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1574352757278&qos.performance.bcInit=109.09500159323215&qos.player.dimensions=%5B%5B1574352758293%2C%220x0%22%2C%22590x331.875%22%5D%5D&qos.player.pixelratio=%5B%5B1574352758293%2C1%5D%5D&qos.player.screendimensions=%5B%5B1574352758293%2C%221600x1200%22%5D%5D&seq=2
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
865
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:58:13 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111401.js
securepubads.g.doubleclick.net/gpt/ 		159 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59644
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
vendor,init,recirculation,conversation
api-2-0.spot.im/v1.0.0/config/launcher/sp_9LMINbK9/1207000/ 		0
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/launcher/sp_9LMINbK9/1207000/vendor,init,recirculation,conversation
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_9LMINbK9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type,x-spotim-page-view-id

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
server
istio-envoy
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
status
200
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid
content-length
0
device_load
events-collector.spot.im/api/v1/ 		36 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_9LMINbK9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
5ed732b5d2f28ce82c767635e4363476e232174dfacfe80c91775e36cd80ace3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
expires
Thu, 21 Nov 2019 16:12:38 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Expr...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Exp...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&c7=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&c9=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-124-133-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1574352758369&ns_c=UTF-8&cv=3.1&c8=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&c7=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&c9=http%3A%2F%2Fshr.gs%2FkWQbz0R
Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		52 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8&fn=pbjs.handleCygnusResponse&s=181452&r=%7B%22id%22%3A%2212391b84501664%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2220555530dc184e%22%2C%22ext%22%3A%7B%22siteID%22%3A181452%2C%22sid%22%3A%22pr_1_1_s%22%7D%2C%22video%22%3A%7B%22protocols%22%3A%5B2%2C5%2C3%2C6%5D%2C%22maxduration%22%3A30%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22linearity%22%3A1%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22apiList%22%3A%5B2%5D%2C%22w%22%3A640%2C%22h%22%3A360%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download%22%7D%7D
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/wtat.page-hb3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db56b94d21cd52ac7e59c5c805f5694169b15b67213bc22f99df2ff621cbf05d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
72
Expires
Thu, 21 Nov 2019 16:12:38 GMT
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/216448.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
391 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.224.133 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-224-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
de40791a97231d95b94dd9535759ae5b1e7ae0ccf83362951337862307c820fe

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 21:14:16 UTC
Server
nginx
ETag
2ae6c9a6b809a0e4036614b5182b0d5a
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=85
X-SpotX-Build-Version
1.30.0-20191022.2011
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Length
147920

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Last-Modified
Thu, 21 Nov 2019 16:12:38 UTC
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0.bundle.js
app-cdn.spot.im/modules/messages-count/3.3.435/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-cdn.spot.im/modules/messages-count/3.3.435/0.bundle.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.27 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
73af65c1e5b508c2579327df5a38c69b31c04297ee49cd98c9ea2820a5674352

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
3Kck8Hj7loxeA_bkR3oiNLXT9nB8uuy8
content-encoding
gzip
last-modified
Sun, 11 Mar 2018 10:18:41 GMT
server
AmazonS3
etag
"c32d53d6a999edbd085563987ce4d5c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, no-transform, max-age=2592000, s-maxage=31536000
date
Thu, 21 Nov 2019 16:12:38 GMT
accept-ranges
bytes
content-length
9616
x-amz-cf-id
bJFkhJ1KDrnsG3L21Gk_NpI2juMbVb6jK6aXn7qFqJbzJ6vo239enw==
expires
Sat, 21 Dec 2019 16:12:38 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		242 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=express.co.uk&domain=express.co.uk&path=%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2f85bbe02e047ef3fa0e949e0adca742668a7130b0a456f8f842bf2cf422d814

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
age
940
x-cache
HIT
status
200
x-cache-hits
1
content-length
189
x-served-by
cache-fra19143-FRA
access-control-allow-origin
*
x-timer
S1574352758.413532,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 19 Nov 2019 15:56:58 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42078:uniques_holding&s=632ae8d6a623792c016809f53c694b47&__io=2062cca43.72fb7bad0_1574352758031&1574352758395
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LBKKH6&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX7XL77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers
cmpui.js
cdn.images.express.co.uk/cmp-19.4.4/dx/ Frame CFAF 		381 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19f6cd03771ec6205cf92aca5fdab1ca31d6aed2815a89ed9356f5d5d3e8b8cb

Request headers

Referer
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:55 GMT
content-encoding
gzip
age
11389304
x-amz-meta-cb-modifiedtime
Thu, 25 Apr 2019 11:42:00 GMT
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jun 2019 15:38:20 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DmnagXjKEUfSScWIWY9CswO7mqBHcMqiJvY-1oaiynAGHSiD4D7n9w==
cmpui.css
cdn.images.express.co.uk/cmp-19.4.4/dx/ Frame CFAF 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.css
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3deda9c4104de2f32ed217f4ed0f2a7543c5f2b963fda7f9d20090eedb2432b1

Request headers

Referer
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:55 GMT
content-encoding
gzip
age
11389304
x-amz-meta-cb-modifiedtime
Thu, 25 Apr 2019 11:42:00 GMT
x-cache
Hit from cloudfront
status
200
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jun 2019 15:38:20 GMT
server
AmazonS3
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YteZ_LOz9OopJ9rFFGx-rW2tPK8nWW8Cj9xDTCJPE8xxEcjx79Dv7g==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1574352758405&sessionId=e3376e9a-d78c-69cd-8746-e86ff0a09226&url=www.express.co.uk&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-TraceId
6df0a569a665b30ac814d27f7c64df07
Content-Length
4
Expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068671835/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068671835/?random=1574352758408&cv=9&fst=1574352758408&num=1&label=u9gYCOmHtQYQ28bK_QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&tiba=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
61711b6297f30992d3228bef8fc4b698cbb74b75c7d01b6ded0ffbc24b057779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1080
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l4f18&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
125
pragma
no-cache
last-modified
Thu, 21 Nov 2019 16:12:38 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
6ba3877036160f3f553ebd1689430fcb
x-transaction
00700e8900c30088
expires
Tue, 31 Mar 1981 05:00:00 GMT
social-media-4.png
cdn.images.express.co.uk/theme/Responsive/img/page/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/theme/Responsive/img/page/icons/social-media-4.png
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7286b781e94d84e8da08d2ca157255ad70cda39f0158d91859e575891db24255

Request headers

Referer
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389309
x-amz-meta-cb-modifiedtime
Fri, 12 Oct 2018 12:02:47 GMT
x-cache
Hit from cloudfront
status
200
content-length
2567
last-modified
Fri, 12 Oct 2018 12:12:48 GMT
server
AmazonS3
etag
"8b65d7995b54cadde751931bd9dc7cfe"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
zvptj3zYJFlW7qCW3oHzs16p43N087xvtO75O1QiH4648LzWIZrZyg==
logo_ipso.png
cdn.images.express.co.uk/img/page/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/page/logo_ipso.png
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce0e0e11e79156df3d3ba198dcc218afc14028fee592fbf2e90a3902e3430b95

Request headers

Referer
https://cdn.images.express.co.uk/theme/Responsive/css/dist/app20191121.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:50 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389309
x-amz-meta-cb-modifiedtime
Mon, 08 Oct 2018 11:23:11 GMT
x-cache
Hit from cloudfront
status
200
content-length
1596
last-modified
Fri, 12 Oct 2018 13:01:05 GMT
server
AmazonS3
etag
"b6cd56d5e27392960a42ccf7818fcaca"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
mfidr-1qPK_0jcQi8X1O1Q2fsrT0MF2dhfYFDnt5w7XRS9nLgwuqfw==
ga12h_59.json
cdn.images.express.co.uk/api/articles/recommended/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/api/articles/recommended/ga12h_59.json
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf3ae60f2a62e5c15664dbf7ba6e661b9e73ee85a7434ded0c638ed3f4ed169

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:17:58 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
age
113
x-cache
Hit from cloudfront
status
200
content-length
1651
last-modified
Thu, 21 Nov 2019 14:10:53 GMT
server
AmazonS3
etag
"634cefd24a08378bbe90aee84ae795ae"
access-control-allow-methods
HEAD, GET, POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
DK00hmC-Fl21hgaUNXkMWS81AlWzZTBjkiz00jb0TL1R66SOnMXKhw==
init.js
cdn.my.northernandshell.co.uk/v0.0.1/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.my.northernandshell.co.uk/v0.0.1/init.js
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app20191121.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-124.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc2159485ac7d7159330dd52c143f4569ac349507e8ada36e298d09c47a8f16

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 23:33:53 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified
Fri, 04 Jan 2019 17:31:13 GMT
Server
AmazonS3
Age
59926
ETag
"3385e24c13a2d6db45a423eae3fbd7ba"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA2-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6691
X-Amz-Cf-Id
L_rtXzh1T1Jy3FEwJr9a_2LTnmtu3mPBQ1uR5JDQV9Uxo0UPeVBbeg==
express_logo.png
cdn.images.express.co.uk/img/page/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/page/express_logo.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae3167c489b881c581eef1dd54aca4dd6d2c55ba305e39cfc3e8b71c05930998

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 06:06:52 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
4788347
x-amz-meta-cb-modifiedtime
Fri, 12 Oct 2018 12:01:15 GMT
x-cache
Hit from cloudfront
status
200
content-length
4865
last-modified
Fri, 12 Oct 2018 12:11:35 GMT
server
AmazonS3
etag
"9995e580cdfe4d850cc53d26f27f3b83"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
INTg5F6u3uZALZ-vTX0oZgvrMTjteqZiJYoSO40vPz6BtwFNhOLyWA==
Api.aspx
cdns.eu1.gigya.com/gs/webSdk/ Frame E5F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_BBXBRC0QUUloJ0Hujw4HOY17aLrL0Uy8FDx59O4-PrYbWWtrnCBKphB69PH9tXSb&version=latest
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.110 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Content-Length
30765
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Soa
true, Gator
X-Server
us1d-nomad-g5
X-CallID
4d78ccadef2d4ee8bf0031f400f50ec9
X-Gigya-HA-cfg-ver
5
X-Robots-Tag
none
Cache-Control
public, max-age=86400, s-maxage=3600
Date
Thu, 21 Nov 2019 16:12:38 GMT
Connection
keep-alive
utag.101.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.101.js?utv=ut4.39.201801171132
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DA9) /
Resource Hash
5fb3612eff43b581b97b4ca8d65be1e7897ff0b214b74c74398c20a757c85ab7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:06 GMT
server
ECAcc (lha/8DA9)
etag
"3533156222"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
920
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.17.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.17.js?utv=ut4.39.201601281048
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8CA8) /
Resource Hash
e5f5d2cdbc00ae1469e2cdb4d7bf88f206267ced9e0e047cffa716e1561a1a33

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:05 GMT
server
ECAcc (lha/8CA8)
etag
"314029662"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1185
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.86.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.86.js?utv=ut4.39.201611231000
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D41) /
Resource Hash
39a2c2c07937d3b55bb855ed20afe3d6c577a7e69ad3b7c4f61058b8fed7eed6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:06 GMT
server
ECAcc (lha/8D41)
etag
"2876518677"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
912
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.85.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.85.js?utv=ut4.39.201701180944
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D53) /
Resource Hash
9c78423da5100b27502ec4efd03740d4e3c121202f9dbcefff4c61070c18c04f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:05 GMT
server
ECAcc (lha/8D53)
etag
"2010613445"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1372
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.96.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.96.js?utv=ut4.39.201910031508
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DC0) /
Resource Hash
f21b7aa0d3d0b1295ac9d76d728e3975358e480e272f18c24388ca73ff719faa

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 15:08:55 GMT
server
ECAcc (lha/8DC0)
etag
"2753927617"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
7892
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.98.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.98.js?utv=ut4.39.201704180849
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8C8D) /
Resource Hash
8e91957b3c50d1374f1db1c5a24172c85ce002c3cf1a47a9525cc99554d79d9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:06 GMT
server
ECAcc (lha/8C8D)
etag
"716448211"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1234
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.99.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.99.js?utv=ut4.39.201706221557
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DBF) /
Resource Hash
072013f8289424eaea2a286a164cceeeb1c15038901cfd2c43eaeedbd4439f38

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 14:59:05 GMT
server
ECAcc (lha/8DBF)
etag
"387424639"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
878
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.107.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.107.js?utv=ut4.39.201803151720
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D66) /
Resource Hash
3daa5bb872615c3ba820d165f18734b915db9bc86e826019a9bc0bdf809376db

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Mar 2018 17:20:20 GMT
server
ECAcc (lha/8D66)
etag
"1418848955"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
981
expires
Fri, 06 Dec 2019 16:12:38 GMT
utag.109.js
tags.tiqcdn.com/utag/northern-and-shell/dx/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.109.js?utv=ut4.39.201808201513
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D11) /
Resource Hash
6d5ffb7a6865f92384727ce1ebf6f65e928617a718ed26e1cba400001a7ff952

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
last-modified
Wed, 18 Jul 2018 15:10:22 GMT
server
ECAcc (lha/8D11)
etag
"4188075810"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1016
expires
Fri, 06 Dec 2019 16:12:38 GMT
adsct
analytics.twitter.com/i/ 		31 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l4f18&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
127
pragma
no-cache
last-modified
Thu, 21 Nov 2019 16:12:38 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1e702915abc052632ead982e4c547e80
x-transaction
0072f03d00d0170c
expires
Tue, 31 Mar 1981 05:00:00 GMT
gigya.services.plugins.base.min.js
cdns.gigya.com/js/ 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.socialize.plugins.reactions&lang=en&version=latest
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_BBXBRC0QUUloJ0Hujw4HOY17aLrL0Uy8FDx59O4-PrYbWWtrnCBKphB69PH9tXSb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.110 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f786f06776e1d93d93fd1d09af1d07e68698cefb6ee3f35344e8fb9eeb073328

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
X-Soa
true, Gator
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-CallID
1964905db880456f9a4443addbba7121
Cache-Control
public, max-age=900, s-maxage=3600
X-Server
us1d-nomad-g15
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
49381
Expires
Thu, 21 Nov 2019 16:27:38 GMT
5454038390001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
195356f66f29ff1d50d006f6c859de0c3d24bf5c3b8e62f6acd78f6ef84cc820
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-07e32d5cd2daa19c9, ce8ca2e, 2019-11-21 16:02:05.277Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
93223d36-6354-4448-8967-6a6fa56a7c37
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:02:05 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=651
Connection
keep-alive
Content-Length
2777
X-Amz-Cf-Id
TU5sCVQW8-fns81oEuhC-10-e0lwrrifmtlgy24EqSfFiI-x0Lo23w==
beacon.min.js
beacon.s-onetag.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.s-onetag.com/beacon.min.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:c400:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e794399af60ec6300017e12e37a6b7a8253a9ff05ef41ca5e42b76dced02ef4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
QuZjBQ9JYyZaR8wz.Z.0oyNzLjKP2j64
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 16:59:56 GMT
server
AmazonS3
age
715
date
Thu, 21 Nov 2019 16:00:44 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA54
x-amz-cf-id
7xywRo9Idz5mqj5_AhCIxJKw79VF8aBYN9y6AIZ5BYjiqS_vRCeqpA==
via
1.1 14484a063800eaed878a3068abf4dfac.cloudfront.net (CloudFront)
fpi.js
ap.lijit.com/www/delivery/ Frame F0C7 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=598981&width=320&height=50&iv=sf
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5dd5d841-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
1206297_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1206297_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
425b4571e6867d9dafc15a9dd1e45eef3fe89229a9628f2d128fa92efceeaa97

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
9742
last-modified
Tue, 19 Nov 2019 10:18:57 GMT
server
AmazonS3
etag
"0a005499e68f0c1114b0ae8d141bc4eb"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
74rnABy8ZAYMGCBDRMH_NLeDmTo9JtwWS4lJIzEOS2uwQeC5b27_kA==
1207000_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1207000_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
672b80a698beb28b65cb676989e2a93d9a722b3aa3a421ef5c532861b3681e1d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 09:11:38 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
13430
last-modified
Thu, 21 Nov 2019 07:49:20 GMT
server
AmazonS3
etag
"0b7075bb635ae3b9dffc653cff33c02b"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
_aFZ4FARAUIorI9BsjrzVuPCZYe1YAD5CKmQBR75Y1Dlv_h5qNAM9A==
1206760_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1206760_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df826019e9ee5b90409b37c09f54395b24fbf1cfa85d16bf252a716ed85e199c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:09:05 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
10926
last-modified
Wed, 20 Nov 2019 08:59:46 GMT
server
AmazonS3
etag
"fbdd3348d0a5e6de584dc86fe8cd10f4"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
UpAWjwxI_bFZzBGXG4nGVs6YVrKLZP4nw53dq2lkie5qU8_rHgppOA==
1206013_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1206013_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f425d5708d77990962ec71b5e2a15ea371c08ed1e54f62a264eee98c22d156

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
6792
last-modified
Mon, 18 Nov 2019 16:12:14 GMT
server
AmazonS3
etag
"3863f1e8444fc77046a245e7de7f8644"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
E0SJ7xIuGV4FMV6HfJ5OQgT30FPp6bsUaMcqWKH0V1D13_s1P9I69A==
1206038_1.jpg
cdn.images.express.co.uk/img/dynamic/59/285x190/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/59/285x190/1206038_1.jpg
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ce5b1565a4bf0fae35d657a4ef0d9050269fdcec32cefb33361f075772ce490

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:09:03 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
216
x-cache
Hit from cloudfront
status
200
content-length
11885
last-modified
Mon, 18 Nov 2019 17:09:45 GMT
server
AmazonS3
etag
"8233c45fcb0e31d6be03086f804db5d9"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
PI03OiUbR6u9OrQy1RwV5qTBYo2z-kgs2RP8ZGjR4WNX4P58IlMjiQ==
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?display=swap&family=Open+Sans+Condensed:300,700%7COpen+Sans:300,400,600
Origin
https://www.express.co.uk

Response headers

date
Wed, 20 Nov 2019 01:09:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
140607
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:09:11 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=express.co.uk&p=%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&u=BNGg0kDzz3NMHuQVD&d=express.co.uk&g=33715&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5516&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Fshr.gs%2FkWQbz0R&b=1241&t=DrCnysCf55UXBMPdJ6CMaFK1B0_k6f&V=116&i=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&tz=-60&sn=1&sv=eGwBND181MFDU05kh_r5eBB2ijz3&sr=http%3A%2F%2Fshr.gs%2FkWQbz0R&sd=1&im=067b9fff&_
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.129.194 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-129-194.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-N...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_gid=2104700690.1574352758&gjid=21884206&_v=j79&z=68139352
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352&slf_rd=1&random=91290240
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352&slf_rd=1&random=91290240
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=175965675&_v=j79&z=68139352&slf_rd=1&random=91290240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-N...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123584808-1&cid=93605309.1574352759&jid=1189842080&_gid=326258054.1574352759&gjid=2023753298&_v=j79&z=1191150580
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123584808-1&cid=93605309.1574352759&jid=1189842080&_gid=326258054.1574352759&gjid=2023753298&_v=j79&z=1191150580
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123584808-1&cid=93605309.1574352759&jid=1189842080&_gid=326258054.1574352759&gjid=2023753298&_v=j79&z=1191150580
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1733279525&t=event&_s=2&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&dr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ul=en-us&de=UTF-8&dt=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Comments&ea=On&el=Yes&_u=aGBACEAjB~&jid=&gjid=&cid=155027759.1574352758&tid=UA-545303-1&_gid=2104700690.1574352758&cd9=0&cd2=Tech&cd12=Today&cd13=Aaron%20Brown&cd14=700-800&z=10880538
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 17:11:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
774065
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
wvkxUhCS82NPYaTWHesnpN1q5vhFHa5Q
content-encoding
gzip
last-modified
Mon, 11 Feb 2019 19:50:18 GMT
server
AmazonS3
age
73759
date
Wed, 20 Nov 2019 20:07:44 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_3amZaJTE281PRrR2uzXEBBAkKNiTC-JXCB_YWi1jOuE4EXXO0yebg==
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 		6 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 19:41:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Sep 2019 23:35:16 GMT
server
AmazonS3
age
72503
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
_ElMf2In3Kac4ysR1LTx01V4WFCOWbnt
status
200
x-amz-cf-pop
FRA2-C1
content-type
text/css
x-amz-cf-id
b1PdTTzV4s-iixQfy2LMQiaSREOp3zzY3BQeCFGt-_Luj9N_FqBdmg==
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
watch
api.iris.tv/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.iris.tv/watch?number=5&api_url=&base_url=defaultbaseurl&client_token=2540076170001&platform=brightcove&access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&ssl=true&platform_id=5454038390001&player_version=Brightcove.Nextgen&persist_experience=false&disable_mobile_upnext=false&up_next_min_vid_length=23&start_up_next=true&start_up_next_text=UP%20NEXT%3A&start_up_next_time=5&start_up_next_length=7&end_up_next=true&end_up_next_text=UP%20NEXT%3A&end_up_next_time=5&end_up_next_length=7&player_id=video_5454038390001_0&campaign_tracking=true&side_rail=false&related_rail=false&set_cookie=true&carousel_recs=true&user_id=UP-RMidroYZhDZnwGQ&iframe=false&enable_category_ads=true&enable_context_ads=true&enable_category_cust_params_ads=false&recs_only=true&callback=superagentCallback1574352758909
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.200.53 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-218-200-53.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
442f3bc52c51fe692a4842a07ec5492839ade1b64a5c3435c07741886087f0fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.16.1
X-IRIS-CLIENT-TOKEN
2540076170001
X-IRIS-EXPERIENCE
5dd6b777b9d4bf54417a7ec9
Access-Control-Allow-Origin
*
X-IRIS-ACCESS-TOKEN
1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab
X-IRIS-USER
UP-RMidroYZhDZnwGQ
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
2498
X-IRIS-NEXT-REC
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame D3B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Thu, 21 Nov 2019 09:35:34 GMT
expires
Fri, 20 Nov 2020 09:35:34 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
23824
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5454038390001&time=1574352758611&response_time_ms=382&BCOV-instance=i-07e32d5cd2daa19c9%2C%20ce8ca2e%2C%202019-11-21%2016%3A02%3A05.277Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=TU5sCVQW8-fns81oEuhC-10-e0lwrrifmtlgy24EqSfFiI-x0Lo23w%3D%3D&seq=3
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
vendor,init,recirculation,conversation
api-2-0.spot.im/v1.0.0/config/launcher/sp_9LMINbK9/1207000/ 		19 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/launcher/sp_9LMINbK9/1207000/vendor,init,recirculation,conversation
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b222743c0c2ed70caaf199a73b3184820387262aad3b70dc08d28b8466ed7981

Request headers

Accept
application/json
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
application/json

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-spotim-device-uuid
2c5f980d-b4d6-4538-901b-7c1cde96fb99
status
200
access-control-max-age
86400
x-envoy-upstream-service-time
25
content-length
3979
x-request-id
59c711a4-2b7c-4661-8457-7c0e889f6831
x-guid
2c5f980d-b4d6-4538-901b-7c1cde96fb99
server
istio-envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid
/
www.google.com/pagead/1p-user-list/1068671835/ 		42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1068671835/?random=1574352758408&cv=9&fst=1574352000000&num=1&label=u9gYCOmHtQYQ28bK_QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&tiba=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&fmt=3&is_vtc=1&random=742960290&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1068671835/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1068671835/?random=1574352758408&cv=9&fst=1574352000000&num=1&label=u9gYCOmHtQYQ28bK_QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&tiba=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&fmt=3&is_vtc=1&random=742960290&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3377593440951322&correlator=2923878904375183&output=ldjh&impl=fifs&adsid=NT&eid=21063203&vrg=2019111401&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A32776&sc=1&sfv=1-0-36&ecs=20191121&iu_parts=34722903%2CExpress%2CLife-Style%2CScience_Tech%2Cexpress&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C970x250%7C970x90%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C1x1%2C320x50%7C300x250%2C1x1%2C8x8&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0&ists=2&prev_scp=pos%3Dtop%7Cpos%3Dright%7Cpos%3Dright2%7Cpos%3Dright3%7Cpos%3Dmiddle%7Cpos%3Dright1%26strnativekey%3DC196fpMvhkDKp8g7hK9tEmzE%7Cpos%3Doutofpage%7C&cust_params=gdpr%3D1%26pagetype%3Darticle%26articleid%3D1207000%26keywords%3Dtechnology%252Cinternet%252Cpersonal%2520technology%252Cctp_video%252CWindows%252010%2520Update%252CWindows%252010%2520Upgrade%252CWindows%252010%2520New%2520Features%252CWindows%252010%2520Ransomware%252CWindows%252010%2520Upgrade%252C%26device%3DDesktop%26inskin_yes%3Dtrue%26home%3Dfalse%26gs_cat%3Dbespoke_home_headlines%252Cpos_danone_brandsafety_family%252Cpos_danone_brandsafety_fitness%252Cpos_danone_brandsafety_health%252Cpos_danone_brandsafety_misc%252Cpos_danone_brandsafety_society%252Cpos_omg_blacklist%252Cpos_sky_blacklist%252Cpos_test_death%252Cgs_tech_computing%252Cgv_crime%252Cshadow9hu7_pos_tuibrandsafe%252Cblacklist_nestle%252Cpr_blackfriday_cybermonday%252Cnegative_asda_medical%252Ccore_media_brand_safety_misc%252Churricane_irma&cookie_enabled=1&bc=31&abxe=1&lmt=1574352758&dt=1574352758746&dlt=1574352757425&idt=1284&frm=20&biw=1585&bih=1200&oid=3&adxs=792%2C948%2C948%2C948%2C323%2C948%2C0%2C0&adys=9%2C269%2C2330%2C5158%2C3464%2C1999%2C8%2C0&adks=1151462024%2C2299454366%2C492909140%2C492909141%2C3173311165%2C492909139%2C3656353205%2C2965745391&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&dssz=120&icsg=0&mso=128&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x10%7C330x286%7C330x286%7C330x286%7C590x33%7C330x286%7C1585x6754%7C1585x6754&msz=1585x1%7C330x271%7C330x271%7C330x271%7C590x1%7C330x271%7C1585x1%7C1585x8&ga_vid=93605309.1574352759&ga_sid=1574352759&ga_hid=1733279525&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1585%2C330%2C330%2C330%2C980%2C330%2C1585%2C1585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
34133edb2eaa0672c9ce1ec0d4ce25876d6764fe5851ccb25b0c2d825c326e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16318
x-xss-protection
0
google-lineitem-id
4870761093,4870733667,4871301086,4870730049,218007983,128001743,-2,5225067755
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138251962774,138251963101,138251964595,138251763494,94254180023,67911598703,-2,138294843343
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111401.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
19293620368e303e572701f2f16c940806c142dd00dcccb877b16dfcd6f59c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25152
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 		0
0
2540076170001_5454040654001_5454038390001-vs.jpg
httpsak-a.akamaihd.net/2540076170001/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://httpsak-a.akamaihd.net/2540076170001/2540076170001_5454040654001_5454038390001-vs.jpg?pubId=2540076170001&videoId=5454038390001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b353af7598e07542b04f94ad93cdb11c7593977aef042b408195ee682ec45568

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Last-Modified
Wed, 31 May 2017 06:35:02 GMT
X-Amz-Cf-Pop
FRA53-C1
ETag
"8b4d7078f729810cf14337212da89832"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
72904
X-Amz-Cf-Id
WCn1vrNq1fTYypGNZOL8_V1cQQSG5oEsUBeZNBelbFG81kUZfY_53w==
sync
vap5ams1.lijit.com/ Frame F0C7 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=598981&width=320&height=50&iv=sf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 00:20:24 GMT
Server
nginx
ETag
W/"5dd5d848-c3a3"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 22 Nov 2019 16:12:38 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40express.co.uk&g=33715&p=5454038390001&i=Here%27s%20what%20you%20should%20do%20after%20a%20Windows%2010%20upgrade&u=xsULnBxLMC-n7Btu&t=BlNoDmB6z4PCBgd6X-DO3uhOBysZeX&x=0&y=0&V=116&VS=BCN&n=1&b=1247&r=http%3A%2F%2Fshr.gs%2FkWQbz0R&_vd=-1&_vi=Windows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%3A%20do%20not%20download%20%7C%20Express.co.uk&_vp=express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&_vh=express.co.uk&_pu=BNGg0kDzz3NMHuQVD&_pt=DrCnysCf55UXBMPdJ6CMaFK1B0_k6f&_pr=http%3A%2F%2Fshr.gs%2FkWQbz0R&_vdd=express.co.uk&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.32&_vpt=0&_vtn=https%3A%2F%2Fhttpsak-a.akamaihd.net%2F2540076170001%2F2540076170001_5454040540001_5454038390001-th.jpg%3FpubId%3D2540076170001%26videoId%3D5454038390001&_vaup=unkn&_vce=0&c=0.01&W=0&R=0&I=1&E=0&j=75&tz=-60&_
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.129.194 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-129-194.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:38 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
px.js
p.cpx.to/p/11062/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11062/px.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.86.js?utv=ut4.39.201611231000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-6.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbf57280833f63be3a67c650170d8ed7e26714816cb138516c9514b3743517f4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 00:49:54 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:48:56 GMT
Server
AmazonS3
Age
2321351
ETag
"f928b5eedc26676d1d44b05e026025c0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
4UEhlwAajl6lglFWPNuQJ-ujpv6pOuqkc-AaDTRhGZRpQeMTagY4eg==
moatcontent.js
z.moatads.com/nandscontent759292113/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nandscontent759292113/moatcontent.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.17.js?utv=ut4.39.201601281048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6a081ef7a0f9d9ad92b6044730ec86ac2e3c9bfe9853fa7bc2c36e0f85bcc942

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 18:25:47 GMT
Server
AmazonS3
x-amz-request-id
03B16663544CDD01
ETag
"2a7a49d4b6801003ac99ca358bbe7253"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=35085
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54852
x-amz-id-2
8jma3h7SAne3HBvgD+Cmz4IQ0bXHXxhSitODk3p55gl0Kb7ahpp7Y4lrJ420jMQ6fpoiTxPNhNQ=
/
d2q1qtsl33ql2r.cloudfront.net/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2q1qtsl33ql2r.cloudfront.net/?a=5b3033e2f4d14cbeb159bce2147902d5
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:55 GMT
Via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
LK3fT-Y3phXumc-yKApZkQg5VBMTRERyShPYuDzR605LIntamgmMmQ==
tag.js
js.agkn.com/prod/v0/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:d800:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:23:25 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Tue, 22 Oct 2019 20:22:52 GMT
server
AmazonS3
age
80593
etag
"f53f55cbab099be3a970b446a66c496a"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3167
x-amz-cf-id
cpdp4jkRrELV5pjfCC-jItokXO5Xca7RfJ_Hjw5XbvUevfGZTRpkvQ==
2783fed7-9c54-4039-9ded-ec310e47edfb
https://www.express.co.uk/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/2783fed7-9c54-4039-9ded-ec310e47edfb
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ce15b5438604bf3eb4ff1b92cd0972d7df3940e9bcbd63c6eaac226cb52367e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
6143
Content-Type
application/javascript
master.m3u8
secure.brightcove.com/services/mobile/streaming/index/ 		669 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.brightcove.com/services/mobile/streaming/index/master.m3u8?videoId=5454038390001&pubId=2540076170001&secure=true
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.101.79 , United States, ASN18908 (BRIGHTCOVE-AS - Brightcove, Inc., US),
Reverse DNS
secure.brightcove.com
Software
brightcove /
Resource Hash
b6ade9968394b018d28fce087da049bdba197aed1ef9f35167ef816841796503

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
X-BC-Connecting-IP
89.38.96.190
Server
brightcove
X-BC-Client-IP
89.38.96.190
Content-Type
application/vnd.apple.mpegurl;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate,max-age=0
Last-Modified
Fri, 23 Feb 2018 12:46:50 GMT
Content-Length
669
chartbeat.js
static.chartbeat.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/northern-and-shell/dx/prod/utag.109.js?utv=ut4.39.201808201513
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:9800:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 14:24:55 GMT
content-encoding
gzip
last-modified
Tue, 29 Oct 2019 02:24:02 GMT
server
nginx
age
6462
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DN2fQlMbKDQ37IWsPY1gKb9ZJUtzeWTs6FbGtLddAVhT14o7N3bVbA==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
expires
Thu, 21 Nov 2019 16:24:55 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=northern-and-shell/dx/201910031508&cb=1574352758810
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D36) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:38 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECAcc (lha/8D36)
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 21 Nov 2019 16:22:38 GMT
buttonCenterImgUp.png
cdns2.gigya.com/gs/i/shareBar/button/ 		174 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdns2.gigya.com/gs/i/shareBar/button/buttonCenterImgUp.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.110 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de34e56163cf7b887c17a511f4fcff7848ed39e769d40f621dfd5422c92471ba

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

X-Version
1
Date
Thu, 21 Nov 2019 16:12:38 GMT
Last-Modified
Tue, 23 Jul 2019 10:00:37 GMT
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Content-Type
image/png
X-LegacyProxy
true
Cache-Control
max-age=86400
X-Server
us1d-web505
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
174
facebook.png
cdn.images.express.co.uk/img/static/share/ 		704 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/facebook.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eecc9f4abadf636ac0d14d4dd07020b35e2e8686068df77f867ad7e6da2556da

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 04 Sep 2019 00:55:47 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
6794212
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:30:24 GMT
x-cache
Hit from cloudfront
status
200
content-length
704
last-modified
Mon, 17 Jun 2019 14:28:54 GMT
server
AmazonS3
etag
"6eb10077e143582485db19c54d2eb793"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
zd2TteYYjOu2R2esMJtlLhTQ-gbB279UKRRVdI-R4sOswtk493SxoA==
twitter.png
cdn.images.express.co.uk/img/static/share/ 		682 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/twitter.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a5f751768fc13fc0def36ae104772a86cc4af4d031ec70951819f89cbed13f6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:51 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389307
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:30:24 GMT
x-cache
Hit from cloudfront
status
200
content-length
682
last-modified
Mon, 17 Jun 2019 14:28:56 GMT
server
AmazonS3
etag
"ef8d972b5edd8a9bb585fb0b1b964516"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
lEcE221SYY6F-1E1V8LeNpp49T64NU4dkpVlAwOK8MD4K3-I9tvlpQ==
linkedin.png
cdn.images.express.co.uk/img/static/share/ 		274 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/linkedin.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
874ce89fe959deb46939037d3f5c17fecddada9e22a6027bfecd7d46983ed292

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:51 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389307
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:16:00 GMT
x-cache
Hit from cloudfront
status
200
content-length
274
last-modified
Mon, 17 Jun 2019 14:28:55 GMT
server
AmazonS3
etag
"50a28e1db7e78e3f67bb2fdcaed4f8e1"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
PJ4ev5NmvUoV40VrrUxfUjKb6torAY9SycOjvgopkRPRwtrwA9TE8Q==
gplus.png
cdn.images.express.co.uk/img/static/share/ 		391 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/gplus.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50d7cea7f74df30e660306c5e40a9e390c5c471488ade8940a20efc43794d553

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:51 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389308
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:30:24 GMT
x-cache
Hit from cloudfront
status
200
content-length
391
last-modified
Mon, 17 Jun 2019 14:28:55 GMT
server
AmazonS3
etag
"f7a1e4cc92551681f43275177696816a"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
NzdBq3JQCiiaZsS3Rnl2XW-a1uFr1ZVp7ldO5AA-LVkwy65_oFB-tQ==
pinterest.png
cdn.images.express.co.uk/img/static/share/ 		442 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/pinterest.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daf4b32a87ae8820092eb9367d3360b045f0379737cd8585ebb97f48177d51fa

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:51 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389308
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:16:00 GMT
x-cache
Hit from cloudfront
status
200
content-length
442
last-modified
Mon, 17 Jun 2019 14:28:55 GMT
server
AmazonS3
etag
"295eb4b09615d837b612c9f13317b673"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Nnx7bQp-fmj75dTetQ-1CpbFGEsC-s3QUj0_C-OMgQW4VaEOw1cxaA==
email.png
cdn.images.express.co.uk/img/static/share/ 		302 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/email.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
073899583d7d08709cacbbe3308293db7ebbfc59fc5d9d2a79620cad9ca24d59

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:51 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
11389308
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:30:24 GMT
x-cache
Hit from cloudfront
status
200
content-length
302
last-modified
Mon, 17 Jun 2019 14:28:54 GMT
server
AmazonS3
etag
"99f4cc5cf8a550013f4795fd8e471cec"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
oTc9uCdvqgeMkSGUFMQO2T0LJaUMs-jNesZylMsyJ9kLzxa9m8j-eA==
comment.png
cdn.images.express.co.uk/img/static/share/ 		221 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/static/share/comment.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f51414c30b3370577599ded959cf31abe64c2245101f155d94157059420138e

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 04 Sep 2019 00:55:26 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
6794233
x-amz-meta-cb-modifiedtime
Thu, 04 Oct 2018 11:30:24 GMT
x-cache
Hit from cloudfront
status
200
content-length
221
last-modified
Mon, 17 Jun 2019 14:28:54 GMT
server
AmazonS3
etag
"f6e3f2ff31a6af34f0e98b72ec51d968"
access-control-allow-methods
HEAD, GET, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=32592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
k_ZXl4GVK3sPtJ4SQGh_3H4Je3omJa79fh6e42FZPTIFujKoEH74gQ==
main.css
cdn.my.northernandshell.co.uk/v0.0.1/ 		267 KB
268 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.my.northernandshell.co.uk/v0.0.1/main.css
Requested by
Host: cdn.my.northernandshell.co.uk
URL: https://cdn.my.northernandshell.co.uk/v0.0.1/init.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-124.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
635eb7149aea502ca1ef78530e72e2baa05e2cdcda7270e0b08f8bfd48eed6f4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 21:42:15 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Apr 2019 14:48:06 GMT
Server
AmazonS3
Age
66624
ETag
"551d793f1a53da32df306d0b9826b2fc"
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Pop
FRA2-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273862
X-Amz-Cf-Id
ld0zoHYpdcQvtHDPD6fE2Y1OsIOwPSnnUtDlyux9MRWQkkhanmmrkw==
app.js
cdn.my.northernandshell.co.uk/v0.0.1/ 		219 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.my.northernandshell.co.uk/v0.0.1/app.js
Requested by
Host: cdn.my.northernandshell.co.uk
URL: https://cdn.my.northernandshell.co.uk/v0.0.1/init.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-124.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51ecd90ee6904a0a5af8404484d755d173e758766b5c84f55e298f7e551a010b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 21:42:15 GMT
Via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Last-Modified
Fri, 04 Jan 2019 17:31:13 GMT
Server
AmazonS3
Age
66624
ETag
"450b796e96595c5a7ffec507ae6396d7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA2-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
223754
X-Amz-Cf-Id
HlnylmJhbSSdBqlZrhCdqh3ZmJZ1r9lhoYx3j1BQ2JkOofCZHRKg_A==
global
service.cmp.oath.com/cmp/v0/vendor_list/ Frame CFAF 		90 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.cmp.oath.com/cmp/v0/vendor_list/global
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECD (fcn/4087) /
Resource Hash
14a28375aee482e8aac8079689e6c143a10a34a52a6ecb60d8b2fffb492fda3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Origin
https://cdn.images.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
status
200
last-modified
Thu, 21 Nov 2019 16:08:04 GMT
server
ECD (fcn/4087)
x-frame-options
SAMEORIGIN
date
Thu, 21 Nov 2019 16:12:38 GMT
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17011
gigya.services.socialize.plugins.shareCounts.min.js
cdns3.gigya.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns3.gigya.com/js/gigya.services.socialize.plugins.shareCounts.min.js?version=latest
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_BBXBRC0QUUloJ0Hujw4HOY17aLrL0Uy8FDx59O4-PrYbWWtrnCBKphB69PH9tXSb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.110 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
284b4de0e96bd0ca2dc776d8380a81598b650e85d035c0c3b066db657279e1e4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
X-Soa
true, Gator
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-CallID
62fc84239f3e4526baa24d7bf97fdc02
Cache-Control
public, max-age=900, s-maxage=3600
X-Server
us1d-nomad-g12
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
1906
Expires
Thu, 21 Nov 2019 16:27:38 GMT
digitrust.min.js
cdn.digitru.st/prod/1/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by
Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software
DTOrigin /
Resource Hash
26ca840c9d02b5b4c1013bf1e2371ff3e04dea1fb2dc7b60cc7d21345359938d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 07:12:50 GMT
content-encoding
gzip
last-modified
Mon, 23 Sep 2019 14:27:17 GMT
server
DTOrigin
access-control-allow-origin
*
etag
"651f6d3b36aa4bd56fedba685427757f"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
cache-control
max-age=86400
x-instart-request-id
9306640210226292771:NZF01-CPVNPPRY14:1574352758:0
x-instart-cache-id
14:2046446439274610902::1574147570
accept-ranges
bytes
content-type
application/javascript
content-length
11230
expires
Wed, 20 Nov 2019 07:12:50 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=bd0ba690-0c79-11ea-b3a2-1929eb630406
0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=bd0ba690-0c79-11ea-b3a2-1929eb630406
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 21 Nov 2019 16:12:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
124
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
/partner?source=dados&__user_check__=1&sync_id=bd0ba690-0c79-11ea-b3a2-1929eb630406
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
9
Connection
keep-alive
Content-Length
0
vendor-bundle.js
static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/ 		361 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c9fc596f182f40b88ab62a77fa9f94b00281112fea6ad2dcc2868ebaeb84228c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
1.zxAIqrsZrO6ebeuzydO2uH2fJxac0T
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 09:51:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
date
Thu, 21 Nov 2019 16:12:38 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31622400
server-timing
cdn-cache; desc=HIT, edge; dur=4
access-control-allow-origin
*
content-length
118220
x-amz-cf-id
zZ0msBCuopBWTSUndiXXRexAmv5vnQNMi0qlx8maCm4wSWLahwcUNg==
expires
Sat, 21 Nov 2020 16:12:38 GMT
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJyZWZlcnJlciI6Imh0dHA6Ly9zaHIuZ3Mva1dRYnowUiIsInNvdXJjZSI6ImxhdW5jaGVyIiwic291cmNlX3ZlcnNpb24iOiJ2MiIsInNwb3RfaWQiOiJzcF85TE1JTmJLOSIsInR5cGUiOiJsb2FkZWQifQ%3D%3D&rnd=0.8038562384144039
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_9LMINbK9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
icomoon.ttf
brightcove.northernandshell.co.uk/fonts/dx/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://brightcove.northernandshell.co.uk/fonts/dx/icomoon.ttf?otg4ti32332
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-9.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02c851ded2dc8888229b1dd5ecb987d3596f6749985280095bbb598c2bc722ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

x-amz-version-id
null
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
age
70108
x-cache
Hit from cloudfront
status
200
date
Wed, 20 Nov 2019 20:44:15 GMT
content-length
5160
last-modified
Tue, 30 May 2017 13:51:22 GMT
server
AmazonS3
etag
"73fd1d03c16d94e1403c58fb74eeca77"
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
VE8hB3wg2UMulBaw2ln5_hcZovG0qpFYNSvOfYY5kmXQ4N4Vff5Umg==
publishertag.js
static.criteo.net/js/ld/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183871-280760540362456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
last-modified
Fri, 25 Oct 2019 13:44:17 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5db2fc31-15cda"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 22 Nov 2019 16:12:39 GMT
rid
match.adsrvr.org/track/ 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183871
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183871-280760540362456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.23.112 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-23-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e5110006f9cbec85309f6ca87b94ed679e58183af51ea971308162d45e8c754f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Nov 2019 16:12:42 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.express.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 21 Dec 2019 16:12:42 GMT
adcfg
vap5ams1.lijit.com/ Frame F0C7 		158 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/adcfg?zoneid=598981&tid=eb3e22c2dec344528cdad6599b2f6c9eb388727b&mode=1&dmn=www.express.co.uk
Requested by
Host: vap5ams1.lijit.com
URL: https://vap5ams1.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
5a9e5188b6ca8f49f6e0a216522281b4e2cdb1830a7112be895f6c3705a7a3dc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
/
d.agkn.com/iframe/8613/ Frame DE71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d.agkn.com/iframe/8613/?che=783945411&gdpr=&gdpr_consent=&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&bpid=northernshelluk&c=%7B%22bpid%22%3A%22northernshelluk%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fshr.gs%2FkWQbz0R%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:3200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

:method
GET
:authority
d.agkn.com
:scheme
https
:path
/iframe/8613/?che=783945411&gdpr=&gdpr_consent=&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&bpid=northernshelluk&c=%7B%22bpid%22%3A%22northernshelluk%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fshr.gs%2FkWQbz0R%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html;charset=UTF-8
content-length
481
cache-control
no-cache, must-revalidate
date
Thu, 21 Nov 2019 16:12:38 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma
no-cache
server
Apache-Coyote/1.1
set-cookie
ab=0001%3A%2BQY3Dmj%2BKJIXPkGR1te6IWs%2FlyihKO0q;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlaXP2JWlz9gAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
x-cache
Miss from cloudfront
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xPxDKfTx0HyvyX_dd4UxNdxRuV29FGbszxUJ4muy4rHC3uTsJocjWw==
EN_vendors.json
cdn.images.express.co.uk/vendorlist/19.4.4/dx/ Frame CFAF 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.images.express.co.uk/vendorlist/19.4.4/dx/EN_vendors.json
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae7007781238285bd305071452666ffb2b9456d039d43bbacb1228a28469b4dc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 20:30:56 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age
3785749
x-amz-meta-cb-modifiedtime
Fri, 19 Apr 2019 14:34:22 GMT
x-cache
Hit from cloudfront
status
200
content-length
2273
last-modified
Fri, 19 Apr 2019 14:35:30 GMT
server
AmazonS3
etag
"9705cb852eea48bc02d549fd20282ef0"
access-control-allow-methods
HEAD, GET, POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
_gkNxDSWWX_N36UG8vlhdd_G3AA_N6h0Q4VpLOQN-HpXVLKcUFB1lw==
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&time=1574352758910&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.2.1%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A12000%7D&video=5454038390001&video_name=Here%27s%20what%20you%20should%20do%20after%20a%20Windows%2010%20upgrade&video_duration=125&autoplay=false&preload=auto&seq=4_0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:38 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
css
fonts.googleapis.com/ 		10 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
15b54d408557488fd7cc7fc3c6240046813d492b9d2b936a0bee8b8fe1597853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 21 Nov 2019 16:12:38 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 21 Nov 2019 16:12:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:38 GMT
pubvendors.json
www.express.co.uk/ Frame CFAF 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.express.co.uk/pubvendors.json
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:1200:e:515c:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
3a819ebf9c72c6bc403110067ad8b8cac0deb61d84c0bd4b48aeba78b7410791

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.html
Origin
https://cdn.images.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:04 GMT
content-encoding
gzip
age
21
x-cache
Hit from cloudfront
status
200
x-ua-compatible
IE=edge,chrome=1
access-control-allow-origin
*
server
nginx
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json; charset=UTF-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public,max-age=180
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
X-Requested-With, Content-Type, Authorization
x-amz-cf-id
3rUXZWfRbEkUO7S_rHf8ag6i-gVf5bNemBAzjVm1FzajsY8bbzjxkQ==
expires
Thu, 21 Nov 2019 16:15:04 GMT
get
odb.outbrain.com/utils/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&srcUrl=https%3A%2F%2Fwww.express.co.uk%2Fposts%2Frss%2F59%2Ftechnology&settings=true&recs=true&widgetJSId=AR_21&key=NANOWDGT01&idx=0&version=104086&apv=false&sig=BS0FNwdL&format=html&va=true&rand=67130&pdobuid=-1&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b51c7b7973ca6b575c84ff1eee1a914ea9b300d3a4579018fce0f1ee63907605
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-traceid
4a885e4d8675e3179080a90cca8dc3b4
content-length
9811
x-served-by
cache-mdw17365-MDW, cache-fra19126-FRA
pragma
no-cache
x-timer
S1574352759.068518,VS0,VE137
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
157.52.75.65
accept-ranges
bytes, bytes
x-cache-hits
0, 0
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=NANDSCONTENT1&hp=1&pl=1&cm=1&kq=1&bq=0&f=0&j=http%3A%2F%2Fshr.gs&o=3&t=1574352758979&de=4526693643&m=0&ar=de60227-clean&q=0&cb=0&cu=1574352758979&ll=2&ln=0&em=0&en=0&d=express.co.uk%3AWindows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!%3A__page__%3A-&qs=1&gw=nandscontent759292113&fd=1&ac=1&it=500&fs=98334&na=442218525&cs=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:12:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiJcuiwsGjvCXZdXvbS1okHFE_2rJThykrNekCzC3-eKlvtH9bLsabar5QTB0vBY-vh8PRk49IySEgPZSoNjTHSmPz6HGMxH4qrV8j4GarapYwJkk4lwkH1QdZa906tPczqgg15HPX6TNqbGgNxGb3j5M5hVJV5L4v4-lHZsejkNcR-NkPWiXpYTqrbEOwKQIwDADcDUzK1PTUoxquScluTD6w4fkmMnaPko1qCqXg-SWrQuJ1YToTm81bg8kPTxKomUwdIwz2qWFdI2qJC7X6xWJq5t_fSKAU7w&sai=AMfl-YRAk9sKr6kQ4YCMdm45CvtXAeuHUpv63bX4s17zBngJmH85MZ8N-dIbsEew0eewJnaRjc18s_F8vY0iZqJ7mrHNyoC6T2l-Ql_wgXOLxg&sig=Cg0ArKJSzNNrECp9aO9fEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame C6A7 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=592017&width=970&height=250
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5dd5d847-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C6A7 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame C6A7
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.15.143
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870761093%5E%5EImpression-4870761093138251962774
Cache-Control
no-cache
X-Server
10.45.28.81
Connection
keep-alive
Content-Length
0
Expires
0
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DEE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYDInWppDogVSPEwydBpHvbPNEkhmeN9QYOYmcCVlKEWA3Sw3gZzOTeXYHuJpzH_lFnaohoOEYxBMdjgDQVIxRvY-SjLRUwKEhpu1BNC9wm7RLiGSYHY5N0jd_BgIuIZkNv-6PhWCSjjT5a8qgyFvzNVRWQMfmegvi_bshpCV-6lRHp-vGsxeAT21L_PdlGFjrUYZzmzRnn44DHdctYovSQnw5rU9JUxbpT6sLyhM-edBhNaNeRP4Y_UuJac1tzxmIbPr1mVno-M_uuMz64dd_BXRUTnRF-oK3cA&sai=AMfl-YTaJOx985I9m9Y5_0dKR_ku3vxUCbZjYlNg6bc2ziB2Wa7vYjBxMs21xdkHB0J7Nrq-VL5abx_8Mrq97qwjqFIpSWf1j2NlrbpjtoTBQQ&sig=Cg0ArKJSzJ8d2zG3UCCoEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame DEE6 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=592015&width=300&height=600
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5dd5d848-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame DEE6 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame DEE6
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.22.144
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870733667%5E%5EImpression-4870733667138251963101
Cache-Control
no-cache
X-Server
10.45.22.144
Connection
keep-alive
Content-Length
0
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame B56F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKSYYzPXMI2Yj9Z3TbAbfEk13Bd1q8cnQyTfg_c4NlahxxnpLblldHVPD38NV2rh6xTuXEAIjnsKp3zel6YjOoLQIUlHzCcbBkkL0j5abeRDiwu9Ri69ACSCWm1S7YDSK57EoTsEKEEwnUZ2XhNptPVYKq7PTx6n9HJQ3YbR_1iXMapSwaiKHci_YwfCeQTbAHvgWIYquiLDg8fnAdn8cMQ1NMuolXf8wbxE1410h7AvCUqK5PZ-Fl07PRXDAM-OToXlumLNkTju4-rISmTcB-kjJr6-FGhCk4zg&sai=AMfl-YTaq5Y86NWICgxXCcXscZ2rm9HweIUJDqMykzp81W4npgdgz14Au0SoqUAhK6rV9E-qRvYalgYaWLDLKUBfjkL6c-x7wArzI1-UOtOyBQ&sig=Cg0ArKJSzH2M74QcLL6AEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame B56F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=592022&width=300&height=250
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5dd5d84a-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B56F 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame B56F
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.1.34
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4871301086%5E%5EImpression-4871301086138251964595
Cache-Control
no-cache
X-Server
10.45.26.49
Connection
keep-alive
Content-Length
0
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 670F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMLgIbdS6N58RdUM0_NYH7_Q7JCry7omvowTTAPxUDGRGeuTtyUsZdke3UN0sJlCjfJ4VZ8taSC5b3lOIi_RvDMTARV7UxTjK6qznXYx0o_x6ZxLxHAMEnmLh6m7GB2Vo2Ku7inzrfRjfub9s7swv0J0eMSlyUl69Rbw4GIyZGM6yJgP5WPIPiH6wBOJFuZU05IS87vsdEfYmY-0tiuG3G3R1dZcB0uLP2_ST0sPy2Hpob-RyUGoJ0NNySlcg6I29uhWwWeCGbzukiEjDNgA5hWjvbcmRmdcSapA&sai=AMfl-YSDNcaMkO2jgPrWmpe8vMw95NvnuCErcyH0Wbj1HuJvbna92MHqx9sOkgsuNeLSG0IDXIpwlRqcM5PL6HH2msZoix7A35JKXnDdfQHh5A&sig=Cg0ArKJSzFvzKP_MiufGEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 670F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=592013&width=300&height=250
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5dd5d841-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 670F 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame 670F
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.17.100
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E4635466512%5E2435030858%5E4870730049%5E%5EImpression-4870730049138251763494
Cache-Control
no-cache
X-Server
10.45.21.139
Connection
keep-alive
Content-Length
0
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4D94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn45UajDzG7sGPQuKoeHNcLXwqSTBZMFxLen3i950tbFtS8bVkcMRS9l8xQpyPAz-3hnLqAWLeUd7HmDv7dxltUdpeA5wIHyDWeAh2g3i7GacajG3itgtcA1JbKYNFz7vVvwRGfBXul_4G-1WR3ivQ0WTEETMHQuCExJ4YmuNmsbdW_cjMvS6iMCqWRsmJRb-sKkWYXkC6wGSQUbrRpeosZY3P3kWXInsrxKGJ7Ys1how2AeNhrIuK2JgbAjCD3WH0K5zHe-xBtopSV7MAqz-77c9FvBVAgygC&sai=AMfl-YQv3SNZ_VX9BKMRy2apj46Nl7qr9b0IBF4thKRxgWXPU7J7u6r7VG8NOUAOm70EpF08-nZPjTs083ogDeYlPtuvJt7_MWdDDU1MBvJxCg&sig=Cg0ArKJSzB1rMfQOnJRrEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
native-loader.js
video.unrulymedia.com/native/ Frame 4D94 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12943be72bc8364363630060423b7717d7fe4a0c1de5fcaaa67ed1a624417be4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:04:04 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Wed, 18 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 19 Nov 2019 18:22:43 GMT
server
AmazonS3
age
518
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
l6kIIMaKR30HMw1WLIO24506xoThj_qvy75ngteJSJs80sHAYIiCqw==
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4D94 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame 4D94
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.15.22
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E218007983%5E%5EImpression-21800798394254180023
Cache-Control
no-cache
X-Server
10.45.1.153
Connection
keep-alive
Content-Length
0
Expires
0
pixel
pix.spot.im/api/v1/ 		16 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJyZWZlcnJlciI6Imh0dHA6Ly9zaHIuZ3Mva1dRYnowUiIsInNvdXJjZSI6ImxhdW5jaGVyIiwic291cmNlX3ZlcnNpb24iOiJ2MiIsInNwb3RfaWQiOiJzcF85TE1JTmJLOSIsInR5cGUiOiJsb2FkZWQifQ%3D%3D&rnd=0.8038562384144039
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:12:39 GMT
pitc-ab-tester-bundle-e57da06ea75d4c9b6fe8.js
static-cdn.spot.im/production/pitc-ab-tester/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/pitc-ab-tester/pitc-ab-tester-bundle-e57da06ea75d4c9b6fe8.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bd3362f440ad84794ba6fc85fb328979a4ab58a2a0f57929cc7b6dfecb28e114

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
PNts7uOgnNtmQw6zRPcbEpG_3xyzSfK8
content-encoding
gzip
last-modified
Tue, 24 Sep 2019 14:11:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31622400
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin
*
content-length
20379
x-amz-cf-id
1wfpc4hgY-kgKxwAjHnBBzpedquzTAywNwhMxlw869mFNuDmkR56_w==
expires
Sat, 21 Nov 2020 16:12:39 GMT
broadcast-fetcher-bundle-b3c9b893663205a06e63.js
static-cdn.spot.im/production/broadcast/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/broadcast/broadcast-fetcher-bundle-b3c9b893663205a06e63.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bbeffb8ce60bcf715f0b0cf5ab6770dd1d50e65e7645e096fe540e12922b9a83

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
6N_CMwb3queqLOhtXbTfLVJNuOUyVRiM
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 11:46:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31622400
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin
*
content-length
1159
x-amz-cf-id
kYp7KvcbxahxtTFPZQFzkXEZm13FBk11SBgTIm-Iq0s3wmLl2hB4RQ==
expires
Sat, 21 Nov 2020 16:12:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6BBB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT147Z9zZkvzt2_zSRZ_ODsypauqxdFLdEAZe4oUp0Tep2wNNbKaXiviT2ef8ft4hdlCpHAV0igzAQUCTmfaDbyN0bIM65xl9NnqOhjYw0Z91l3WlIUDg9-6LuGfGDqFK-r4Rq7feZDvegApDKdcRiIFdnM5cxb5kpGSEjfkB2G5iK90HIg_g4g9dVuPMK0KgxZZx-YLicVXBhTWZMwHFrWn43v3j_cNXRNDi-V9i_xednr6TTH0zAPClgqC_BfQdTD-cIkE2ctqBwwYXEMMFom2dhH8u9&sai=AMfl-YTQXiLbXsIw4CWsNzQiDNNHxdH99gL97tULFlxc5WN2atXmT7hakIV9fLzwSJU-xbPsuhuUWajMHWeyNzPRCT2LlLxaDEEn5Szy6nS3Tw&sig=Cg0ArKJSzMfW0d-pgqSNEAE&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20191114/r20110914/ Frame 6BBB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191114/r20110914/abg_lite.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
91fd13d213ef266cb4fccdda1fdf5deacd3a06a2b0fc92a9239561e55032bf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 11:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11470
x-xss-protection
0
server
cafe
etag
3656872508270369265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Dec 2019 11:45:30 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20191114/r20110914/client/ Frame 6BBB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191114/r20110914/client/window_focus.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 14 Nov 2019 16:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1044
x-xss-protection
0
server
cafe
etag
16885093947315342629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Nov 2019 16:55:47 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6BBB 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
bcp.crwdcntrl.net/5/ct=y/c=7101/ Frame 6BBB
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
  • https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.18.130
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://bcp.crwdcntrl.net/5/ct=y/c=7101/ctax=Campaigns%5E36174863%5E282217463%5E128001743%5E%5EImpression-12800174367911598703
Cache-Control
no-cache
X-Server
10.45.4.217
Connection
keep-alive
Content-Length
0
Expires
0
366630826949181888
tpc.googlesyndication.com/simgad/ Frame 6BBB 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/366630826949181888
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e2821ba2eba1c2d0af93006e171370f679891ab0576977654a1ea146792aaad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 23:26:06 GMT
x-content-type-options
nosniff
age
60393
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63648
x-xss-protection
0
last-modified
Mon, 10 Aug 2015 16:43:31 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 23:26:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8488 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn129iC1f27Z5d90yNyj5MgLFQvU1DprbISmH-GaE8RY0ElIr1IIEymTI0KWV3l5omE3Viz_c9XKGMuZd3BAB6ZaJDmFvkA9TNRfpzqiRUAmxAP4EIKh2jIF8kgY2as0shmJOSoJYLZYZCwuLjdXms14kLUmNW_3WU2StTQuT7p0uWbTNotPUV2ClN1eUdEp8pXRve9TCXhGkolH6mv4qg-AzORcjkx9JfZ_kmFDyfZpAZA_NfqMMv1bzgpXkJYT_3&sai=AMfl-YS5-lQF71YRkMYMRwNuAZ-cbNQz_7dCYrvl_Iwq9zp8fwTy6JXAe4iyez936VxbHig_gUCRDNXupFWOSrOjq98QU6Q0fhiHV5lg6kLYIw&sig=Cg0ArKJSzMcxTrYlODpZEAE&urlfix=1&adurl=
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
native-loader.js
video.unrulymedia.com/native/ Frame 8488 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12943be72bc8364363630060423b7717d7fe4a0c1de5fcaaa67ed1a624417be4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:04:04 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Wed, 18 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 19 Nov 2019 18:22:43 GMT
server
AmazonS3
age
518
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
7Eb4bhclrnTiyAedx0Q0ePhS-RMZ_FKooOrYuQmrOTTjeT4jNDc9kA==
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8488 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
ctax=Campaigns%5E113799503%5E471976343%5E5225067755%5E%5EImpression-5225067755138294843343
bcp.crwdcntrl.net/5/c=7101/ Frame 8488 		49 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/c=7101/ctax=Campaigns%5E113799503%5E471976343%5E5225067755%5E%5EImpression-5225067755138294843343
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-172-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.14.63
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0
sync
vap5ams1.lijit.com/ Frame C6A7 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/sync
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 00:20:25 GMT
Server
nginx
ETag
W/"5dd5d849-c3a3"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 22 Nov 2019 16:12:39 GMT
sync
vap5ams1.lijit.com/ Frame DEE6 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/sync
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 00:20:21 GMT
Server
nginx
ETag
W/"5dd5d845-c3a3"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 22 Nov 2019 16:12:39 GMT
5454038390001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
b014748f-0832-421a-b07c-e55c4a898479
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-0e59e3d6e8b3134ca, ce8ca2e, 2019-11-21 16:12:39.484Z
Date
Thu, 21 Nov 2019 16:12:39 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
Dt2A2cygWFmR67mDv36AyVbzd2yzV692Vq6le_0ut_drymIZBDuTag==
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
3ed10bd1-f23e-4708-aa5d-93e9dee9eee2
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-050c3442cad8c8a28, ce8ca2e, 2019-11-21 16:12:39.623Z
Date
Thu, 21 Nov 2019 16:12:39 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
WlFw-PvBHufWhTLxVkCabRKt38SE1O2Iwvm17RF0hSEHdQmGXxrYFg==
6001565573001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6001565573001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
9f87e365-9d8d-4308-8695-14e25c72efb7
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-02178ef9600bce5d3, ce8ca2e, 2019-11-21 16:12:39.748Z
Date
Thu, 21 Nov 2019 16:12:39 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6001565573001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
KkOkrz-Dkg5LZt-122tKPVmfWLQqVusamMe4Kz0gpLI9SWa7mfNt5Q==
5840789327001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5840789327001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
f393f66d-9aff-4d49-8b78-3ed37edb1473
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-02da4bdcdc42a74d2, ce8ca2e, 2019-11-21 16:12:39.869Z
Date
Thu, 21 Nov 2019 16:12:39 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5840789327001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
V3butg-YZ0UoHzaMKGUNLytFXEATTceOtixT6J681ZwF7KVkGuXJZw==
5772475067001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5772475067001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
f51c0757-9c7b-439e-8f55-2b70237da8b5
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-05ad0d876117c6629, ce8ca2e, 2019-11-21 16:12:40.257Z
Date
Thu, 21 Nov 2019 16:12:40 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5772475067001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
WEQnizaFegRXQ685N2j4QA5XdwaJqU61N_bjGPYgEfbOG-lLgRSGHA==
5731144511001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5731144511001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
1eb087f3-5b2f-40b9-88b7-9b3b0a456b0e
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-0b978175dc9226ba4, ce8ca2e, 2019-11-21 16:12:40.396Z
Date
Thu, 21 Nov 2019 16:12:40 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5731144511001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
As0qzmRDsey2OoLKF13IIkM33oq8arn3ualDj0pB27qF-qGgIiyZWg==
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
6450fd49-ae7b-442a-9ca3-0dab554b7772
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-0dfcf07a7cc73d4df, ce8ca2e, 2019-11-21 16:12:40.777Z
Date
Thu, 21 Nov 2019 16:12:40 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
G_mDv61LTga0p-QnGaSCKOxKAhhXJQlJJRq7CHhLPTqsm2bnoPTbKw==
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
accept

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
d9f50ea4-b252-4bb5-bd7a-8e80a79924d2
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
BCOV-instance
i-012b5d3854a85fbd3, ce8ca2e, 2019-11-21 16:12:41.160Z
Date
Thu, 21 Nov 2019 16:12:41 GMT
access-control-max-age
86400
access-control-allow-methods
HEAD,GET,OPTIONS
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-allow-origin
*
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-headers
accept
X-Amz-Cf-Id
Q_mbbZeEjlsRC1yEKOnJT8hnJUncZ0cgidbWXgLAyp3PRZM9qQXT-w==
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/jit/2540076170001/5050139b-138c-4847-89b4-a9f7536724a8/main/160x90/12s74ms/match/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/jit/2540076170001/5050139b-138c-4847-89b4-a9f7536724a8/main/160x90/12s74ms/match/image.jpg
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
2f627430a4a3a8695b47660a7fd041948349b8b74410f369479f069f437dfbf1

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 17:36:52 GMT
Via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Powered-From
eu-west-1c
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Amz-Cf-Id
PYjK885W9eirzwvDTBHEcGA4tPy1rOwdVUIeCIzBm02h-ABRJ7gsxw==
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5454038390001&time=1574352759254&seq=5
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352759255&seq=6
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6001565573001&time=1574352759255&seq=7
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5840789327001&time=1574352759255&seq=8
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5772475067001&time=1574352759256&seq=9
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5731144511001&time=1574352759256&seq=10
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
play-button.png
s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/play-button.png
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.39.110 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:43 GMT
Last-Modified
Wed, 22 Apr 2015 01:47:56 GMT
Server
AmazonS3
x-amz-request-id
DE591C3B2EE63480
ETag
"182516d4ba61695d505ca0bd246f63fb"
Content-Type
image/png
Content-Length
8810
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
SvAxo449tROX+bgIgaGGj8eUADpPqozDRdGlDInzRIqRhz+5c++w3b9m2F/B6iGcMCPxNyIH03A=
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352759257&seq=11
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352759258&seq=12
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:39 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
sync
vap5ams1.lijit.com/ Frame B56F 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/sync
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 00:20:17 GMT
Server
nginx
ETag
W/"5dd5d841-c3a3"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 22 Nov 2019 16:12:39 GMT
sync
vap5ams1.lijit.com/ Frame 670F 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/sync
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 00:20:26 GMT
Server
nginx
ETag
W/"5dd5d84a-c3a3"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 22 Nov 2019 16:12:39 GMT
truncated
/ Frame 6BBB 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56960f4c104c694f4d3bccba0e66565e962f2c6c069a1d0e016d5b740cc3414b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 173D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=36174863&chanId=53774423&placementId=128001743&pubCreative=67911598703&pubOrder=282217463&cb=656476056&custom=right1&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
2bbb26e002b9ab7fa2fae8c9769fdc86dcdd53817db4a0ac552a5f3489f865b7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
sp_9LMINbK9
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_9LMINbK9
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/broadcast/broadcast-fetcher-bundle-b3c9b893663205a06e63.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
x-spotim-device-uuid
650da302-b995-4a19-9b72-57d9eee47450
x-guid
650da302-b995-4a19-9b72-57d9eee47450
server
istio-envoy
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid
content-length
25
x-request-id
0167e575-058c-4e31-9aa8-69164057744b
popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
static-cdn.spot.im/production/popular-in-the-community/ 		530 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e5a96d33a4b6c2b15833b30b05e2d574faa840b3030a63771c6f233fc1eab6ef

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
uqXFnG8P0b5ot2qkJmmRXKkFfUUR8eiv
content-encoding
gzip
last-modified
Thu, 14 Nov 2019 12:02:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31622400
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin
*
content-length
157622
x-amz-cf-id
ERTZbSqv1HeoXJtEBjDvlZ9cJuvOUrDuEFqeCC8HRe5KSOplSaZ7BQ==
expires
Sat, 21 Nov 2020 16:12:39 GMT
popular-in-the-community-bundle-64e895b42b55ce162e56.css
static-cdn.spot.im/production/popular-in-the-community/ 		65 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-64e895b42b55ce162e56.css
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7d8b4390df2937b5af596357b8a68864be788f84bbb1e1a12692b95dbbfcbe1

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
_Ya79VI5Sx070HHkR5z1jT_3PyLeN4oz
content-encoding
gzip
last-modified
Sun, 10 Nov 2019 14:15:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31622400
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin
*
content-length
18135
x-amz-cf-id
_blyuQsw0gVqd3HJLdtEVraq1bOextTa_em5ZNWKmw7v966MKQge0w==
expires
Sat, 21 Nov 2020 16:12:39 GMT
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJyZWZlcnJlciI6Imh0dHA6Ly9zaHIuZ3Mva1dRYnowUiIsInNvdXJjZSI6InBpdGMiLCJzb3VyY2VfdmVyc2lvbiI6MCwic3BvdF9pZCI6InNwXzlMTUlOYks5IiwiY29udmVyc2F0aW9uX2lkIjoic3BfOUxNSU5iSzlfMTIwNzAwMCIsInR5cGUiOiJwYWdlX2luaXRpYWxpemVkIiwidXNlcl9pZCI6MCwiZG9tYWluIjoiIiwiZHVyYXRpb24iOjAsImliX2Jyb3dzZXJfaWQiOiIiLCJsYW5nIjoiIiwidGltZV9kZWx0YSI6MCwidWlkIjoiIiwidXJsIjoiIiwidmlzaXRfaWQiOiIiLCJlbGVtZW50IjoiZmFsc2UifQ%3D%3D&rnd=0.8405484343860603
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/pitc-ab-tester/pitc-ab-tester-bundle-e57da06ea75d4c9b6fe8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
rendition.m3u8
secure.brightcove.com/services/mobile/streaming/index/ 		2 KB
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.brightcove.com/services/mobile/streaming/index/rendition.m3u8?assetId=5454040670001&secure=true&pubId=2540076170001&videoId=5454038390001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.101.79 , United States, ASN18908 (BRIGHTCOVE-AS - Brightcove, Inc., US),
Reverse DNS
secure.brightcove.com
Software
brightcove /
Resource Hash
185a31bd91984517ce195abcaebf07c9872aff7e2b881218b35ba277669b1402

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:38 GMT
Content-Encoding
gzip
X-BC-Connecting-IP
89.38.96.190
Server
brightcove
X-BC-Client-IP
89.38.96.190
Content-Type
application/vnd.apple.mpegurl;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate,max-age=0
Last-Modified
Fri, 23 Feb 2018 12:46:53 GMT
Content-Length
228
in
c2.u5c93.com/v5/ 		2 B
365 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c2.u5c93.com/v5/in
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.25.159 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-25-159.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRrSryFkbLraTOUsJ

Response headers

date
Thu, 21 Nov 2019 16:12:45 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
https://www.express.co.uk
x-powered-by
Express
vary
Origin
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
content-length
2
adcfg
vap5ams1.lijit.com/ Frame C6A7 		159 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/adcfg?zoneid=592017&tid=b4686f46054e413f97135fea36823a2d728ef10e&mode=1&dmn=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
9e313d07a1d5f10654657e267aad2142e2ef1e3cc9d6cef2ae665e62cd5b3283

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
et_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame E360 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cbbcb3bd888776b93da7e45c406322c6b133ada80f53b8143bc785171c14485

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:04 GMT
content-encoding
gzip
age
873457
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
a4lgEVqoIn_Dzaa2XXa-AmyStHHJ99jACOE2mvBL1loy8Pp_GyLPZw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame E360 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Fri, 01 Nov 2019 09:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1753079
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 09:14:40 GMT
blank.gif
stats3.unrulymedia.com/ Frame 4D94 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1007979&id=666693881&d=1574352759356&in_iframe=true&h=v1.0.1536-0-ge1c0788&compat=BackCompat&pageLoadId=76892143&supplyMode=direct&unr.site.env=html&ts=2019-11-21T16%253A12%253A39.357-%252B01%253A00
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
truncated
/ Frame 4D94 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd84828540f9791f05361c91881af42fb47179f985c0b5ff2819d809fa8017cc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 2F9A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=1x1&pubId=113799503&chanId=53774423&placementId=218007983&pubCreative=94254180023&pubOrder=471976343&cb=1012571553&custom=middle&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
0e7327f64b2520e722a288671cc8e975c73e62ccfabdd04a40e301036397b66f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
et_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame B92D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cbbcb3bd888776b93da7e45c406322c6b133ada80f53b8143bc785171c14485

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:04 GMT
content-encoding
gzip
age
873457
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
xcifYOtTxFflyoeBRvFCZtLOshRixtwtDmQQQj6EiEu7A_8IGMC3xQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame B92D 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Fri, 01 Nov 2019 09:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1753079
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 09:14:40 GMT
blank.gif
stats3.unrulymedia.com/ Frame 8488 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1089072&id=840739269&d=1574352759370&in_iframe=true&h=v1.0.1536-0-ge1c0788&compat=BackCompat&pageLoadId=76892143&supplyMode=direct&unr.site.env=html&ts=2019-11-21T16%253A12%253A39.370-%252B01%253A00
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
truncated
/ Frame 8488 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2202a8d831968d7f12535a3fd13ff322b6df27da73804c206f368cd63760f6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F0C4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=8x8&pubId=113799503&chanId=33739823&placementId=5225067755&pubCreative=138294843343&pubOrder=471976343&cb=1769595359&custom=&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
743144e63b0f5786769c9cbf9d8b0afc06a5a872cb58af6bf59d56cf3a21f7f3

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
adcfg
vap5ams1.lijit.com/ Frame DEE6 		159 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/adcfg?zoneid=592015&tid=939f1b00deca421ab30bbdc96c3f24a71fa911a8&mode=1&dmn=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
821983e4d7f83a1290af82e00f554f9e27efa6689a5102f751b7105befb75aaf

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
adcfg
vap5ams1.lijit.com/ Frame B56F 		159 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/adcfg?zoneid=592022&tid=a3b81ca128684b2590d362a591073f9f86c09855&mode=1&dmn=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
3a00dc84cfaab933a300dbbc8efb0e56cba895a16295fb26c96951face5b86e7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=303ffa806ed5d04c90cad689022ca6fb_511_1574352759140&tm=1115&eT=0&widgetWidth=940&widgetHeight=78&widgetX=323&widgetY=478&wRV=104086&pVis=0&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
8495784546a2b6e7f075e69795d6b6dc
Content-Length
30
Cookie set obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame FE3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276ACD0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"bde00515e78ede0ea70140f39b2425bf:1573658318"
Last-Modified
Wed, 13 Nov 2019 15:16:25 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3469
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; path=/;
get
odb.outbrain.com/utils/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&srcUrl=https%3A%2F%2Fwww.express.co.uk%2Fposts%2Frss%2F59%2Ftechnology&settings=true&recs=true&widgetJSId=AR_22&key=NANOWDGT01&idx=1&version=104086&apv=false&sig=BS0FNwdL&format=html&va=true&rand=37211&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&lsdt=1574352759386&pdobuid=0&osLang=en-US&t=MzAzZmZhODA2ZWQ1ZDA0YzkwY2FkNjg5MDIyY2E2ZmI=&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
62db28a1bb060affb755dec16a9fc7a50eb484f4f087fd3682d37c87b597a095
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-traceid
fd1f53ad6dcb3bc35a2c71604595a7f6
content-length
26727
x-served-by
cache-mdw17325-MDW, cache-fra19126-FRA
pragma
no-cache
x-timer
S1574352759.410260,VS0,VE256
date
Thu, 21 Nov 2019 16:12:39 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
157.52.75.25
accept-ranges
bytes, bytes
x-cache-hits
0, 0
eyJpdSI6ImUzNGE0NGMwMGI1NTc1YTVmMDgzYzE0NWI3NzBiYjM3NmM1MmNiNWRjYjBhYjc1Nzk3Y2JlYTkyMDJjODkwNmMiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUzNGE0NGMwMGI1NTc1YTVmMDgzYzE0NWI3NzBiYjM3NmM1MmNiNWRjYjBhYjc1Nzk3Y2JlYTkyMDJjODkwNmMiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a52988d4c64d3358c38886e9241db64721b4f301c5ac7bb0de02cda3a01e06ee
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 05:20:44 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2016542
Connection
keep-alive
X-TraceId
cb556162ec8bed2308d9e6c9e7593f9b
Timing-Allow-Origin
*
Content-Length
14974
eyJpdSI6ImM1OTY2M2JiNmQyZDc4OWZlZWYyMWZlOTc2NTRhMDBjMTk2NTMwMjVmY2EyZGJmMjg4Y2M3NDNhN2ZmYmE0N2MiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1OTY2M2JiNmQyZDc4OWZlZWYyMWZlOTc2NTRhMDBjMTk2NTMwMjVmY2EyZGJmMjg4Y2M3NDNhN2ZmYmE0N2MiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b0d854c6a1a31221abac5eaf0c0314ac7ca3ca07381d4ef112a9421185b1ae95
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 04 Nov 2019 15:10:53 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=990072
Connection
keep-alive
X-TraceId
9fe0d145fa85b0b93bcfb39eb7658f7b
Timing-Allow-Origin
*
Content-Length
14490
eyJpdSI6IjA5MDE3ODA1OTAzNTgzNDYyMjllMzBjOTllMWJjOGI4N2MzYTU3NDRjZWJhZmYyOWU2YjMyYTI3OWExMDFhYTgiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA5MDE3ODA1OTAzNTgzNDYyMjllMzBjOTllMWJjOGI4N2MzYTU3NDRjZWJhZmYyOWU2YjMyYTI3OWExMDFhYTgiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0783ae719787f5c2ddfa6a6da4bf6118bb5eca847da66e9f99a61c31cdf68482
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 17:34:13 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=739661
Connection
keep-alive
X-TraceId
85dd643d9468145bb3c8f5a856db4399
Timing-Allow-Origin
*
Content-Length
13826
eyJpdSI6IjQ1MmYyZmJmOWJiNmFkYTNkZGY0NTQ2NTNjYTBhODg0OGMyMjgzMmE3ODBkNGIyOWVlZWM4ODEyZjY0OTMwM2EiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ1MmYyZmJmOWJiNmFkYTNkZGY0NTQ2NTNjYTBhODg0OGMyMjgzMmE3ODBkNGIyOWVlZWM4ODEyZjY0OTMwM2EiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23092a418e9b2fc4800f0018543c42cb9bb7392662ebd10ab4980125ecf2f4d4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 00:49:53 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1735917
Connection
keep-alive
X-TraceId
dc14e0b7478c7079c4549e3ae63f3cac
Timing-Allow-Origin
*
Content-Length
12198
eyJpdSI6IjI4NzBkOTEzNzkyYzNhMDU1OGFjYzhmNjUwMjIwMzBjY2JiNmEyOTY3YWNkMmNlZWU5ZjcxZTBkZjNmNWZhYmMiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI4NzBkOTEzNzkyYzNhMDU1OGFjYzhmNjUwMjIwMzBjY2JiNmEyOTY3YWNkMmNlZWU5ZjcxZTBkZjNmNWZhYmMiLCJ3IjoxNzUsImgiOjEzNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6396254f84fb3d13839ea5a1f8f2037c8a2c1357274bad33d122b05aa488340e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Wed, 23 Oct 2019 23:09:29 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1339689
Connection
keep-alive
X-TraceId
d8f5d1f6756608ee93e8defbde814fc9
Timing-Allow-Origin
*
Content-Length
15094
adcfg
vap5ams1.lijit.com/ Frame 670F 		159 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vap5ams1.lijit.com/adcfg?zoneid=592013&tid=591d25b9f57747ff98f66813cfa5537e534d28b9&mode=1&dmn=www.express.co.uk
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
a9ebf36a71eb899bb588afcacb071e7eef84388b2658a580d92d3257e99ce174

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
216448
search.spotxchange.com/openrtb/2.3/dados/ 		0
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/216448
Requested by
Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type,x-openrtb-version

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:40 GMT
Last-Modified
Thu, 21 Nov 2019 16:12:40 GMT
Server
nginx
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type,x-openrtb-version
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
messages-count
www.spot.im/api/open-api/v1/ 		57 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.spot.im/api/open-api/v1/messages-count?spot_id=sp_9LMINbK9&posts_ids=1207000
Requested by
Host: app-cdn.spot.im
URL: https://app-cdn.spot.im/modules/messages-count/3.3.435/0.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.63 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x03f.map2.ssl.hwcdn.net
Software
/
Resource Hash
9914c6a28492ebba4139c205c8cd6c748d81d725fb20dd64826f2c2ee6320e70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
x-spotim-bid
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
Connection
Keep-Alive
x-spotim-rid
x-spotim-vid
Access-Control-Max-Age
86400
X-HW
1574352757.dop132.fr8.t,1574352759.cds142.fr8.shn,1574352759.dop132.fr8.t,1574352759.cds131.fr8.sc,1574352759.cds131.fr8.p
Content-Type
application/json
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Expose-Headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
css
fonts.googleapis.com/ 		5 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
fd5a1221feadba7ae4351bb0ae5e1e8ef9d5c29aa70825572de1a09ed45c4ece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 21 Nov 2019 16:12:39 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 21 Nov 2019 16:12:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=303ffa806ed5d04c90cad689022ca6fb&pvId=303ffa806ed5d04c90cad689022ca6fb&sid=5343407&pid=511&idx=0&wId=186&pad=0&org=4&tm=1149&eT=3&wRV=104086&pVis=0&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-TraceId
ddb9ffa0e22a6a84b9b77ee6be299ba
Content-Length
4
Expires
0
truncated
/ Frame C6A7 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1d79f4595498b5e1e9f76fd104f8a0791400619ec6bf3a033ec22f3845b4636

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F5E6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=970x250&pubId=4635466512&chanId=53774423&placementId=4870761093&pubCreative=138251962774&pubOrder=2435030858&cb=1177432811&custom=top&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
7bf768d3116e08098b795ad649f3b120d9ec79c48bae971ecee2855e28390277

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame DEE6 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fcdaa1bc0889d027fa2d2efb7cd9030c7fe4f3a9a992003e23c61632009f20f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 8C2D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x600&pubId=4635466512&chanId=53774423&placementId=4870733667&pubCreative=138251963101&pubOrder=2435030858&cb=51464178&custom=right&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
67c13e041a1b1a64655fbfc6a845bfeea399c4f3dddaacfe8a592101abdb69a0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame B56F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efea62bda1daeaef70533f73ee2251e3769123dd7c4ab49c183abda9db6f1dd1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 4279 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4871301086&pubCreative=138251964595&pubOrder=2435030858&cb=1670030358&custom=right2&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
a7fe4145a2e636e1b053b0366027c1755e5b3a9ba7965eab7c160f729bff57a8

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app12ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 670F 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91c32f175c6d7fb7a817de6a8e01ef83edd639012475c954906eb173ae1961f5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 9182 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4870730049&pubCreative=138251763494&pubOrder=2435030858&cb=588977422&custom=right3&adsafe_par&impId=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
2839f324b6f42b0d816cef3cc1614dffd394c4aa7ab250a32c00e2d050184157

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
X-Server-Name
app26ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
pixel
pix.spot.im/api/v1/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJyZWZlcnJlciI6Imh0dHA6Ly9zaHIuZ3Mva1dRYnowUiIsInNvdXJjZSI6InBpdGMiLCJzb3VyY2VfdmVyc2lvbiI6MCwic3BvdF9pZCI6InNwXzlMTUlOYks5IiwiY29udmVyc2F0aW9uX2lkIjoic3BfOUxNSU5iSzlfMTIwNzAwMCIsInR5cGUiOiJwYWdlX2luaXRpYWxpemVkIiwidXNlcl9pZCI6MCwiZG9tYWluIjoiIiwiZHVyYXRpb24iOjAsImliX2Jyb3dzZXJfaWQiOiIiLCJsYW5nIjoiIiwidGltZV9kZWx0YSI6MCwidWlkIjoiIiwidXJsIjoiIiwidmlzaXRfaWQiOiIiLCJlbGVtZW50IjoiZmFsc2UifQ%3D%3D&rnd=0.8405484343860603
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:12:39 GMT
56858e43-e4b4-490b-96f7-a74b4673b0b2
https://www.express.co.uk/ 		49 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/56858e43-e4b4-490b-96f7-a74b4673b0b2
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43bef92a11c181c58a749bb89b09d5635c9290a2652cc3ea8e34f5c588582535

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
50581
Content-Type
application/javascript
4870761093
dfp-gateway.s-onetag.com/1/34722903/ 		119 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/4870761093
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
11c2a935a5453887aaf8d73e4b82bce853345bca3e240d670ca018693a6319d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:52:22 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
age
846
x-amzn-requestid
116701cd-b455-4111-b5cb-3f974b3e1d2d
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6b2b6-d9ddd123ad986238db597dbf;Sampled=0
x-amz-cf-pop
FRA50-C1, FRA2-C2
x-amz-apigw-id
DhDchFwUSK4FXpQ=
content-length
119
x-amz-cf-id
tenzu1x4Xa3wT1XnXoQ0Vr48h2HLh-uD3OeZmRWDFp_HrUtro2oMPg==
4870733667
dfp-gateway.s-onetag.com/1/34722903/ 		119 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/4870733667
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
11c2a935a5453887aaf8d73e4b82bce853345bca3e240d670ca018693a6319d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:30:52 GMT
via
1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
age
609
x-amzn-requestid
ad370359-0bb2-4dcc-ac45-e159fb8ffa12
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6adac-6898bbdcc90feec872797b76;Sampled=0
x-amz-cf-pop
FRA53, FRA2-C2
x-amz-apigw-id
DhATAHttyK4Fkbw=
content-length
119
x-amz-cf-id
PrGF5uvd3-T1G5zVFIsMRKK_fAVU8KMzJq_hg20FL_oicaykCgG7gw==
4871301086
dfp-gateway.s-onetag.com/1/34722903/ 		119 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/4871301086
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
11c2a935a5453887aaf8d73e4b82bce853345bca3e240d670ca018693a6319d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:50:51 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
age
1088
x-amzn-requestid
16549e80-d458-4e4e-b83b-92476bdeeff5
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6b25b-240c60ff3cbbafc8a0b058fc;Sampled=0
x-amz-cf-pop
FRA2-C1, FRA2-C2
x-amz-apigw-id
DhDOVGkQSK4Fgrg=
content-length
119
x-amz-cf-id
jiTvudDEeaP9y7zOymTRANm-Mr7tust6Cqupf-Fckj5oDlp0kUWhTg==
4870730049
dfp-gateway.s-onetag.com/1/34722903/ 		119 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/4870730049
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
11c2a935a5453887aaf8d73e4b82bce853345bca3e240d670ca018693a6319d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:50:51 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
age
1088
x-amzn-requestid
173998a0-dcb0-4155-8c1c-fca2b18e73f9
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6b25b-6d6706b448930db0dea988ac;Sampled=0
x-amz-cf-pop
FRA50-C1, FRA2-C2
x-amz-apigw-id
DhDOVFbaSK4FUzA=
content-length
119
x-amz-cf-id
vGhtODLzaFyL2DTpOBaw5xCLoc5gZTuwAMD5KbYq7L52puUokKfdWA==
218007983
dfp-gateway.s-onetag.com/1/34722903/ 		118 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/218007983
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
010a899a1d6dfa6e43aa93da9771bbadc7d3e03c57fab8632927dce80ff052a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:23:51 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1, FRA2-C2
x-amzn-requestid
f092ac82-a216-42cd-bc13-53e6126c2ae4
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6ac07-8d7cc200e8d85e4191fb4d0a;Sampled=0
x-amz-apigw-id
Dg_ROFSyyK4FuZg=
content-length
118
x-amz-cf-id
2dmvnHSweHULIW5LUWbvg3JSTnKbCp_a2hKmqFJYUYDSUTnqzpi0Gg==
128001743
dfp-gateway.s-onetag.com/1/34722903/ 		109 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/128001743
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
c6784ee63d91a22eefc546183adb67258875523b96fe5bfe1ba1cecb09e657d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:27:32 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2, FRA2-C2
x-amzn-requestid
650e1de8-4056-4204-9c2c-3aaa8c3dc283
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6ace4-79ab4a8aa784cc73ae274efb;Sampled=0
x-amz-apigw-id
Dg_zpEfLSK4FWTw=
content-length
109
x-amz-cf-id
E8lt3hsxujV5mjHPGLIoij_hSNXL_dkGtiUwW1GYo2l-QPGcOgYQew==
5225067755
dfp-gateway.s-onetag.com/1/34722903/ 		118 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/34722903/5225067755
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/0db6fc14-cc7e-43d6-aa47-200c36378f86/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2400:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
010a899a1d6dfa6e43aa93da9771bbadc7d3e03c57fab8632927dce80ff052a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:55:40 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront), 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1, FRA2-C2
x-amzn-requestid
6e8c81b8-5be7-4d4d-a2bc-fdc5e6186b5b
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amzn-trace-id
Root=1-5dd6b37c-2474b62acb81224c2c4b91f1;Sampled=0
x-amz-apigw-id
DhD7iG_TSK4FmWg=
content-length
118
x-amz-cf-id
ovIHAVhbwbc2qc4TDIC_Fd4B_xtVCvh_nAxOMQHQjqjR1v9O5Fhejw==
2540076170001_5454040670001_s-1.ts
f1.media.brightcove.com/10/2540076170001/5454040670001/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://f1.media.brightcove.com/10/2540076170001/5454040670001/2540076170001_5454040670001_s-1.ts?pubId=2540076170001&videoId=5454038390001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.27 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e4a18fa5369a0b318aaf72a5bab475c3d4311356a017106d9ae8c3747724f85b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:12:39 GMT
via
1.1 0fbab52df0695e2a561cd26eb7f9484d.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
4385529
x-cache
Miss from cloudfront, HIT, HIT
status
200
content-length
1303028
x-served-by
cache-iad2150-IAD, cache-fra19148-FRA
last-modified
Wed, 31 May 2017 06:35:15 GMT
x-timer
S1574352760.600604,VS0,VE1
etag
"7e46c0245b92d7701563a6f8fb21bbdd"
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
7JIjWEiEvgKoKOkyKxbz6CL2hSYMKQqiQevXjbRJo-nMoROhkMJSqg==
x-cache-hits
2, 1
5454038390001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
195356f66f29ff1d50d006f6c859de0c3d24bf5c3b8e62f6acd78f6ef84cc820
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:02:05 GMT
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
93223d36-6354-4448-8967-6a6fa56a7c37
Age
3
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2777
BCOV-instance
i-07e32d5cd2daa19c9, ce8ca2e, 2019-11-21 16:02:05.277Z
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5454038390001
access-control-allow-origin
*
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=651
X-Amz-Cf-Pop
FRA50-C1
Content-Type
application/json; charset=UTF-8
X-Amz-Cf-Id
uo_SFH2viRHM6ezZ8G0893fFRNWPTvQ4Gdu_7Gvso9Iy_kWHXAk1oA==
ad
www.google.com/adsense/
Redirect Chain
  • https://google.com/adsense/ad
  • https://www.google.com/adsense/ad?hl=en_US
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/ad?hl=en_US
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
403
date
Thu, 21 Nov 2019 16:12:40 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1103
content-type
text/html; charset=UTF-8

Redirect headers

date
Thu, 21 Nov 2019 16:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
302
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://www.google.com/adsense/ad?hl=en_US
cache-control
private, max-age=0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Nov 2019 16:12:40 GMT
pitc
api-gw.spot.im/v1.0.0/feed/spot/sp_9LMINbK9/post/1207000/ 		0
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gw.spot.im/v1.0.0/feed/spot/sp_9LMINbK9/post/1207000/pitc
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.137.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-224-137-133.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-page-view-id

Response headers

date
Thu, 21 Nov 2019 16:13:01 GMT
server
istio-envoy
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid
Content-Length
0
v2
spotops.spot.im/spot/sp_9LMINbK9/recirculation/ 		0
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spotops.spot.im/spot/sp_9LMINbK9/recirculation/v2?platform=Desktop&infra_version=2&day=thursday&hour=17
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.35 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-guid

Response headers

date
Thu, 21 Nov 2019 16:13:01 GMT
x-content-type-options
nosniff
status
200
x-spotim-bid
x-spotim-rid
content-length
0
x-spotim-vid
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
x-guid, x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type, x-spotim-page-view-id, x-spotim-source, x-spotim-device-uuid
expires
Thu, 21 Nov 2019 16:13:01 GMT
px.gif
publisher-assets.spot.im/eyeo/ 		42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/eyeo/px.gif?ch=1&rn=8.375557055720662
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-33.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:42 GMT
content-encoding
gzip
last-modified
Tue, 22 Oct 2019 11:38:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=31622400
accept-ranges
bytes
access-control-allow-origin
*
content-length
53
x-amz-cf-id
C4XHachEHnuqHCa4Q75hKECsZKpP59yQVFk1c1RPwOVzM--824cHew==
expires
Sat, 21 Nov 2020 16:12:42 GMT
px.gif
publisher-assets.spot.im/eyeo/ 		42 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/eyeo/px.gif?ch=2&rn=8.375557055720662
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-33.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:42 GMT
content-encoding
gzip
last-modified
Tue, 22 Oct 2019 11:38:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=31622400
accept-ranges
bytes
access-control-allow-origin
*
content-length
53
x-amz-cf-id
J7ur9adRuHa8d3j1aOGOcf44f-5kmOW16tds35Cpybvd_sEuakd4lA==
expires
Sat, 21 Nov 2020 16:12:42 GMT
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImxvYWRlZCIsImRvbWFpbiI6Ind3dy5leHByZXNzLmNvLnVrIiwidXJsIjoiaHR0cHM6Ly93d3cuZXhwcmVzcy5jby51ay9saWZlLXN0eWxlL3NjaWVuY2UtdGVjaG5vbG9neS8xMjA3MDAwL1dpbmRvd3MtMTAtVXBkYXRlLVJhbnNvbXdhcmUtRG8tTm90LURvd25sb2FkIiwicmVmZXJyZXIiOiJodHRwOi8vc2hyLmdzL2tXUWJ6MFIiLCJsYW5nIjoiZW4tVVMiLCJ0aW1lX2RlbHRhIjoyMzIxLCJ1aWQiOiI2NTZiODI2ZTEwYTVhMDVlYjQ2MmMyNzY5NGRiMmNiNSIsInZpc2l0X2lkIjoiNGI3NjE3Njc4YmY0ZTBkNzAyNTg2NWFiY2NiZGRiNDYiLCJkdXJhdGlvbiI6MCwiaWJfYnJvd3Nlcl9pZCI6ImI5ZGJhNjE2ZDZlMWE2MmQxNDdlYWI1ZmM5ZjgyNzkxIiwicGFnZV92aWV3X2lkIjoiOTBhNjkxYTYtMTI0MS00YjJjLTgwMjgtOWJmZWIxODkxZDk0Iiwic3BvdF9pZCI6InNwXzlMTUlOYks5IiwiY29udmVyc2F0aW9uX2lkIjoic3BfOUxNSU5iSzlfMTIwNzAwMCIsInJvdyI6MX0%3D&rnd=0.3211222786258847
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:12:39 GMT
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
5af10812b4e416cbf0067a044a1e342dcecf5e0a3170b0d432578b4906757383
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-0a138477fb65730b0, ce8ca2e, 2019-11-21 16:10:53.466Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
25ec0fe3-1e79-4f4d-a451-56ad553b1a6f
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=478
Connection
keep-alive
Content-Length
2918
X-Amz-Cf-Id
12Rt0e2LcGCHA4GBE2y4dkqG80UaSmXBf9d6_PsupVGpytQEaFw1cg==
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=express.co.uk&p=%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&u=BNGg0kDzz3NMHuQVD&d=express.co.uk&g=33715&g0=Life%20%26%20Style%2C%20Tech&g1=Aaron%20Brown&n=1&f=00001&c=0.02&x=0&m=0&y=7410&o=1585&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=http%3A%2F%2Fshr.gs%2FkWQbz0R&b=1241&t=DrCnysCf55UXBMPdJ6CMaFK1B0_k6f&V=116&tz=-60&_vi=Here%27s%20what%20you%20should%20do%20after%20a%20Windows%2010%20upgrade&_vp=5454038390001&_vdd=video%40express.co.uk&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fhttpsak-a.akamaihd.net%2F2540076170001%2F2540076170001_5454040540001_5454038390001-th.jpg%3FpubId%3D2540076170001%26videoId%3D5454038390001&_vd=-1&sn=2&sv=eGwBND181MFDU05kh_r5eBB2ijz3&sr=http%3A%2F%2Fshr.gs%2FkWQbz0R&sd=1&im=067b9fff&_
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.129.194 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-129-194.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
main.19.8.29.js
static.adsafeprotected.com/ Frame 173D 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=36174863&chanId=53774423&placementId=128001743&pubCreative=67911598703&pubOrder=282217463&cb=656476056&custom=right1&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.19.8.29.js
static.adsafeprotected.com/ Frame 2F9A 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=1x1&pubId=113799503&chanId=53774423&placementId=218007983&pubCreative=94254180023&pubOrder=471976343&cb=1012571553&custom=middle&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2429 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8599 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0496 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D75B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EC9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:39 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
disclosure.png
widgets.outbrain.com/external/vendors/ 		476 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Last-Modified
Wed, 20 Nov 2019 15:20:04 GMT
Server
Apache
ETag
"4d39e26ad7c27bebbc022d353bf4bbb6:1574263269"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
476
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"f370d19306add072a726e7f4ade8dc57:1574344646"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7090
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"9d26fa4e7238ed94f1d0d92afb453b3e:1574344623"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1368
l
mcdp-chidc2.outbrain.com/ 		4 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=405838df7f57a24d70b0a18d00a685b7_511_1574352759593&tm=1539&eT=0&widgetWidth=590&widgetHeight=1044&widgetX=323&widgetY=3776&wRV=104086&pVis=1&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:45 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
c9f8fbf1dc4a28518d57b26e9b89ae4
Content-Length
30
proxy.js
widgets.outbrain.com/nanoWidget/104086/module/ 		823 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/104086/module/proxy.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce0286089b61f671256cc0b11456652b56c1edc11dd4b991370564f4045e91b0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"726097199d1d6c0686c5f960692cef5d:1574344675"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=345600
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
359
streamFeed.js
widgets.outbrain.com/nanoWidget/104086/module/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ebe826903eb070e69119f78b9e4acee1703a0f6244c32335cc841f552c651e52

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"14be7a705c6b1f0ab32e754f02a03e0f:1574344686"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=345600
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13015
get
odb.outbrain.com/utils/ 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&srcUrl=https%3A%2F%2Fwww.express.co.uk%2Fposts%2Frss%2F59%2Ftechnology&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&idx=2&version=104086&apv=true&sig=BS0FNwdL&format=html&va=true&rand=5382&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&lsdt=1574352759386&pdobuid=0&osLang=en-US&t=MzAzZmZhODA2ZWQ1ZDA0YzkwY2FkNjg5MDIyY2E2ZmI=&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
01c2e9085db5c5a741a6264764dc3c0e0689b9c5a5b955ba09a07ab6358b8f93
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-traceid
4de09c7ab01b0f55fd85877434a2c80a
content-length
22461
x-served-by
cache-mdw17349-MDW, cache-fra19126-FRA
pragma
no-cache
x-timer
S1574352760.836836,VS0,VE284
date
Thu, 21 Nov 2019 16:12:40 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
157.52.75.49
accept-ranges
bytes, bytes
x-cache-hits
0, 0
main.19.8.29.js
static.adsafeprotected.com/ Frame F0C4 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=8x8&pubId=113799503&chanId=33739823&placementId=5225067755&pubCreative=138294843343&pubOrder=471976343&cb=1769595359&custom=&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.19.8.29.js
static.adsafeprotected.com/ Frame F5E6 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=970x250&pubId=4635466512&chanId=53774423&placementId=4870761093&pubCreative=138251962774&pubOrder=2435030858&cb=1177432811&custom=top&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
6001565573001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6001565573001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
4ebfe84c95f49e5111baa764f6ce4f5b78a77af101a28f477bf2544905549e5d
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
3c5c4ece-8381-42a0-88f3-def4dcb02a27
Age
33
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
BCOV-instance
i-065c261bf97f7fe00, ce8ca2e, 2019-11-21 16:10:53.649Z
Date
Thu, 21 Nov 2019 16:10:53 GMT
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6001565573001
access-control-allow-origin
*
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=620
X-Amz-Cf-Pop
FRA50-C1
Content-Type
application/json; charset=UTF-8
X-Amz-Cf-Id
SDidS-wFey--oJCSt0BGIwYRC7_as3QcS1-KeFmHDdyW7px_hoxWOQ==
main.19.8.29.js
static.adsafeprotected.com/ Frame 8C2D 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x600&pubId=4635466512&chanId=53774423&placementId=4870733667&pubCreative=138251963101&pubOrder=2435030858&cb=51464178&custom=right&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/r/ 		35 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.express.co.uk
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
112 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.express.co.uk
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
112 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.express.co.uk
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
112 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.express.co.uk
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.29.js
static.adsafeprotected.com/ Frame 9182 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4870730049&pubCreative=138251763494&pubOrder=2435030858&cb=588977422&custom=right3&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.19.8.29.js
static.adsafeprotected.com/ Frame 4279 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.29.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4871301086&pubCreative=138251964595&pubOrder=2435030858&cb=1670030358&custom=right2&adsafe_par&impId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Nov 2019 00:20:33 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5dd486d1-c872"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
51314
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel
pix.spot.im/api/v1/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImxvYWRlZCIsImRvbWFpbiI6Ind3dy5leHByZXNzLmNvLnVrIiwidXJsIjoiaHR0cHM6Ly93d3cuZXhwcmVzcy5jby51ay9saWZlLXN0eWxlL3NjaWVuY2UtdGVjaG5vbG9neS8xMjA3MDAwL1dpbmRvd3MtMTAtVXBkYXRlLVJhbnNvbXdhcmUtRG8tTm90LURvd25sb2FkIiwicmVmZXJyZXIiOiJodHRwOi8vc2hyLmdzL2tXUWJ6MFIiLCJsYW5nIjoiZW4tVVMiLCJ0aW1lX2RlbHRhIjoyMzIxLCJ1aWQiOiI2NTZiODI2ZTEwYTVhMDVlYjQ2MmMyNzY5NGRiMmNiNSIsInZpc2l0X2lkIjoiNGI3NjE3Njc4YmY0ZTBkNzAyNTg2NWFiY2NiZGRiNDYiLCJkdXJhdGlvbiI6MCwiaWJfYnJvd3Nlcl9pZCI6ImI5ZGJhNjE2ZDZlMWE2MmQxNDdlYWI1ZmM5ZjgyNzkxIiwicGFnZV92aWV3X2lkIjoiOTBhNjkxYTYtMTI0MS00YjJjLTgwMjgtOWJmZWIxODkxZDk0Iiwic3BvdF9pZCI6InNwXzlMTUlOYks5IiwiY29udmVyc2F0aW9uX2lkIjoic3BfOUxNSU5iSzlfMTIwNzAwMCIsInJvdyI6MX0%3D&rnd=0.3211222786258847
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:39 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:12:39 GMT
5840789327001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5840789327001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
2c8d118499ff0b745a9e661ba50e4383ba10ef4ea71ac38ac89376ae060d5589
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-08ef4bf62b1710558, ce8ca2e, 2019-11-21 16:10:53.557Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
92f98ad7-e509-46fa-b55e-dc2a2fdf6e43
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5840789327001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=573
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
Af5N4hyCWJYWTR9GEyjFvZJxrHfie_LRWMFfdzzRF_xZwx1IbIDzPg==
vidget.js
libs.outbrain.com/vidget/ 		117 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/vidget/vidget.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
620be3054be218c20226bbfc27c42976258d51e31f5f33a12cb7a7f0a91071f5

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
28943
Pragma
no-cache
Last-Modified
Wed, 20 Nov 2019 11:54:14 GMT
Server
Apache
ETag
"335f05fcf84ee86fddc9be9fa17f8200:1574250854"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 21 Nov 2019 16:12:40 GMT
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D207 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:40 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CAAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:40 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B7B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:40 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F452 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:40 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D79D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/104086/module/streamFeed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; akacd_widgets_routing=3751805558~rv=7~id=f1b8a7e1d14ce46a2e174e9125259783; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:40 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
get
mv.outbrain.com/Multivac/api/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&settings=true&recs=true&widgetJSId=AR_22&key=NANOWDGT01&version=104086&apv=true&sig=BS0FNwdL&format=html&rand=87077&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&lsdt=1574352759386&pdobuid=0&osLang=en-US&va=true&cmpStat=1&srcUrl=https%3A%2F%2Fwww.express.co.uk%2Fposts%2Frss%2F59%2Ftechnology&scrW=1600&scrH=1200&t=MzAzZmZhODA2ZWQ1ZDA0YzkwY2FkNjg5MDIyY2E2ZmI=&winW=1600&winH=1200&adblck=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=9549-0&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e628ca19b4091d41dac5c588e0b09d11c7864ab6d44224a13d7e2aa3fd3adf97

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:56 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-traceid
6918b800ccad22ca027c15de58e41df4
content-length
13206
x-served-by
cache-mdw17354-MDW, cache-hhn4034-HHN
pragma
no-cache
x-timer
S1574352776.798319,VS0,VE475
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
157.52.75.54
accept-ranges
bytes, bytes
x-cache-hits
0, 0
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"c52b07e749f7a09fa7b97b7e195e06ce:1574344639"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2326
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=5231f7503c1236b5e6dc98fc40a842c4_511_1574352760027&tm=1915&eT=0&widgetWidth=330&widgetHeight=1778&widgetX=933&widgetY=2945&wRV=104086&pVis=1&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:47 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
890664b9c95fec162022adacbdd310a4
Content-Length
30
get
odb.outbrain.com/utils/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&srcUrl=https%3A%2F%2Fwww.express.co.uk%2Fposts%2Frss%2F59%2Ftechnology&settings=true&recs=true&widgetJSId=AR_2&key=NANOWDGT01&idx=3&version=104086&apv=true&sig=BS0FNwdL&format=html&va=true&rand=9479&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&lsdt=1574352759386&pdobuid=0&osLang=en-US&t=MzAzZmZhODA2ZWQ1ZDA0YzkwY2FkNjg5MDIyY2E2ZmI=&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ref=http%3A%2F%2Fshr.gs%2FkWQbz0R
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e0e7ddafebfca83156acdf2858e5b1b191b202d83bbec092c7eff353de4c7d15
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-traceid
c43abaefed64d32658af74bee92ab939
content-length
5304
x-served-by
cache-mdw17374-MDW, cache-fra19126-FRA
pragma
no-cache
x-timer
S1574352760.212393,VS0,VE320
date
Thu, 21 Nov 2019 16:12:40 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
157.52.75.74
accept-ranges
bytes, bytes
x-cache-hits
0, 0
sca.17.4.95.js
static.adsafeprotected.com/ Frame EF1E 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=300x250&pubId=36174863&chanId=53774423&placementId=128001743&pubCreative=67911598703&pubOrder=282217463&cb=656476056&custom=right1&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:8bf4dd52-9b12-1d83-10f0-b11d7275e4d3,c:uCGgPW,sl:outOfView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:948.2655.300.250,am:i,cc:948.2655.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJKn+11|12|13|14|15|16|17|181|191|1a1|1b1|1c1|1c2|1d*.10079|1d1|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:430,oid:bd660fc8-0c79-11ea-8a19-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:40 GMT
X-Server-Name
app31ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=8bf4dd52-9b12-1d83-10f0-b11d7275e4d3&tv={c:uCGgQy,pingTime:-2,time:467,type:a,im:{sf:0,pom:1,prf:{beA:489,beZ:490,mfA:899,cmA:899,inA:900,inZ:904,prA:904,prZ:912,si:918,poA:918,poZ:929,cmZ:929,mfZ:929,loA:940,loZ:943,ltA:954,ltZ:954,mdA:490,mdZ:840}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:429}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:468,n:0,pp:0,pm:0},slEvents:[{sl:o,t:429,wc:0.0.1600.1200,ac:948.2655.300.250,am:i,cc:948.2655.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[55~0],as:[55~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKn+11|12|13|14|15|16|17|181|191|1a1|1b1|1c1|1c2|1d*.10079|1d1|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1d*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_5,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_5__container__,div-gpt-ad-141273092983474111-3,maincontainer],sinceFw:36,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt73dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame 4A1C 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=1x1&pubId=113799503&chanId=53774423&placementId=218007983&pubCreative=94254180023&pubOrder=471976343&cb=1012571553&custom=middle&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:5099ff51-7a67-b3dd-bcde-e81d71a1555f,c:uCGgQT,sl:outOfView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:323.5369.1.1,am:i,cc:323.5369.1.1,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJKr+11|12|13|14|15|16|17|181|191|1a1|1b1|1c*.10079|1c1|1c2|1d1|1d2|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,pl:,rend:0,renddet:WINDOW,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:484,oid:bd6a0749-0c79-11ea-8577-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:40 GMT
X-Server-Name
app31ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame D471 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=8x8&pubId=113799503&chanId=33739823&placementId=5225067755&pubCreative=138294843343&pubOrder=471976343&cb=1769595359&custom=&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:6c12ae68-ea65-d35a-7a88-a468e32a6436,c:uCGgRk,sl:inView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJKM+11|12|13|14|15|16|17|181|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,pl:,rend:0,renddet:DIV.us.sn,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:490,oid:bd6fd3e7-0c79-11ea-8a19-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:40 GMT
X-Server-Name
app31ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame 658C 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app32ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=970x250&pubId=4635466512&chanId=53774423&placementId=4870761093&pubCreative=138251962774&pubOrder=2435030858&cb=1177432811&custom=top&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:dbfa49f7-57d7-5b9a-c98f-435a2cb1896e,c:uCGgRK,sl:inView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJKO+11|12|13|14|15|16|17|18*.10079|181|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:514,oid:bd76b1d6-0c79-11ea-8a19-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:40 GMT
X-Server-Name
app31ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGgRK,pingTime:-8,time:514,type:l,es:0,sc:1,ha:1,gm:1,slTimes:{i:514,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[16~100],as:[16~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18*.10079|181|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt65dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=5099ff51-7a67-b3dd-bcde-e81d71a1555f&tv={c:uCGgS3,pingTime:-2,time:556,type:a,im:{sf:0,pom:1,prf:{beA:437,beZ:438,mfA:908,cmA:909,inA:909,inZ:911,prA:911,prZ:918,si:921,poA:921,poZ:927,cmZ:927,mfZ:927,loA:935,loZ:936,ltA:992,ltZ:992,mdA:438,mdZ:811}},sca:{dfp:{df:0}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:1,h:1,t:484}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:556,n:0,pp:0,pm:0},slEvents:[{sl:o,t:483,wc:0.0.1600.1200,ac:323.5369.1.1,am:i,cc:323.5369.1.1,piv:0,obst:0,th:0,reas:l,bkn:{piv:[83~0],as:[83~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKr+11|12|13|14|15|16|17|181|191|1a1|1b1|1c*.10079|1c1|1c2|1d1|1d2|1e.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1c*,rend:0,renddet:WINDOW,rmeas:0,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_4,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_4__container__,div-gpt-ad-141273092983474111-6,singleArticle,maincontainer],sinceFw:71,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt01dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGgS5,pingTime:0,time:537,type:pf,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:537,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[57~100],as:[57~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|181|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt73dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame 5B7A 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app60ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=300x600&pubId=4635466512&chanId=53774423&placementId=4870733667&pubCreative=138251963101&pubOrder=2435030858&cb=51464178&custom=right&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:57e1b388-bcb3-34ad-a728-5d851db28235,c:uCGgSk,sl:inView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJL5+11|12|13|14|15|16|17|181|182|19*.10079|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:534,oid:bd7bbaf8-0c79-11ea-8a19-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
app38ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
5772475067001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5772475067001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
7f4f04aece4a6edee5810ddc886f74fd58acf9bb807db384784e199e221f68ac
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-06421f58ab43f8b65, ce8ca2e, 2019-11-21 16:10:53.544Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
2cb6a5e3-439c-4b4e-976b-bf06068db904
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5772475067001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=677
Connection
keep-alive
Content-Length
2963
X-Amz-Cf-Id
ZxYWjhcrIGeRk0Zpq7GkYuBF1t9EhK8MRx5hOOYA-JQbBCPWuzjuog==
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGgSK,pingTime:0,time:576,type:pf,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:576,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[79~100],as:[79~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt65dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGgT7,pingTime:-2,time:601,type:a,im:{sf:0,pom:1,prf:{beA:448,beZ:449,mfA:927,cmA:927,inA:927,inZ:929,prA:929,prZ:936,si:938,poA:938,poZ:945,cmZ:945,mfZ:945,loA:986,loZ:987,ltA:1049,ltZ:1049,mdA:449,mdZ:833}},sca:{dfp:{df:0}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:601,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[121~100],as:[121~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1,slid:[google_ads_iframe_/34722903/express_0,google_ads_iframe_/34722903/express_0__container__,div-gpt-ad-vip],sinceFw:111,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt01dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGgT8,pingTime:0,time:583,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:583,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[62~100],as:[62~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt73dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGgTd,pingTime:-2,time:605,type:a,im:{sf:0,pom:1,prf:{beA:395,beZ:396,mfA:892,cmA:893,inA:893,inZ:899,prA:899,prZ:906,si:910,poA:911,poZ:917,cmZ:917,mfZ:917,loA:973,loZ:974,ltA:1001,ltZ:1001,mdA:397,mdZ:804}},sca:{dfp:{df:4,sz:970.250,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:605,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[107~100],as:[107~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_0,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_0__container__,div-gpt-ad-141273092983474111-1,superbanner],sinceFw:90,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt65dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
getDocFeatures
videoclientsservicescalls.outbrain.com/ 		259 B
492 B 		Script
General
Check archive.org
Download Go to
Full URL
https://videoclientsservicescalls.outbrain.com/getDocFeatures?docId=2525443220&pubId=511&callback=OB_VidgetServiceCallBack0
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c6bb4e8827254d091a5c7d94892bf2f0f37b84ef9ec2b8a98962cb42f5c2e0cf

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Nov 2019 16:12:42 GMT
Content-Encoding
gzip
Connection
close
ETag
W/"103-Yz2gVjxg5z2rTQgt3KJO8FtaAgo"
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGgTu,pingTime:-2,time:605,type:a,im:{sf:0,pom:1,prf:{beA:400,beZ:401,mfA:921,cmA:921,inA:921,inZ:923,prA:923,prZ:930,si:934,poA:934,poZ:940,cmZ:940,mfZ:940,loA:984,loZ:985,ltA:1005,ltZ:1005,mdA:401,mdZ:827}},sca:{dfp:{df:4,sz:300.600,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:605,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[84~100],as:[84~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a1|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_1,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_1__container__,div-gpt-ad-141273092983474111-2,maincontainer],sinceFw:71,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
dt73dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame 9A67 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app60ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4870730049&pubCreative=138251763494&pubOrder=2435030858&cb=588977422&custom=right3&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:8726254e-12f5-87d0-fe01-d72e45462304,c:uCGgTF,sl:outOfView,em:true,fr:true,mn:app26ami,pt:1-5-15,wc:0.0.1600.1200,ac:948.7604.300.250,am:i,cc:948.7604.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJLh+11|12|13|14|15|16|17|181|182|191|192|1a1|1b*.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:1b*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:604,oid:bd824a37-0c79-11ea-8bec-00259086cc10,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
app21ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame C177 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app60ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10079&campId=300x250&pubId=4635466512&chanId=53774423&placementId=4871301086&pubCreative=138251964595&pubOrder=2435030858&cb=1670030358&custom=right2&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&adsafe_type=abdfq&adsafe_jsinfo=,id:c035a1cb-d6d6-7fdd-43da-ecc9a43ae5fd,c:uCGgTU,sl:outOfView,em:true,fr:true,mn:app12ami,pt:1-5-15,wc:0.0.1600.1200,ac:948.4776.300.250,am:i,cc:948.4776.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rItxJLj+11|12|13|14|15|16|17|181|182|191|192|1a*.10079|1a1|1b1|1b2|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:1a*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:618,oid:bd824a74-0c79-11ea-8577-002590882ece,v:19.8.29,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:42 GMT
X-Server-Name
app28ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
5731144511001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5731144511001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
97fd6306f1eff71df1dd22be4c91ee679d4d9fb08f6453e7c691552c88e27c92
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-0874b6229a6edbaa8, ce8ca2e, 2019-11-21 16:10:53.535Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
b707f536-13c1-4d64-9708-9695bd5211a6
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/5731144511001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=677
Connection
keep-alive
Content-Length
2841
X-Amz-Cf-Id
VjuUz9stVStwR5m6zO0b5-qRCB4vXdt2LFDol-zHVM9SDdldcqVaYg==
native_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame E360 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dd90b626433f5bc2964f77a8466002ada9cfb46a5fca0e394e2b386df7dcdd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:12 GMT
content-encoding
gzip
age
873449
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
i2xOQgNBcrE1fG59e24cS5ucHxO4aj7iC9R0A7z7VV2RyYgT5IUauw==
native_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame B92D 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dd90b626433f5bc2964f77a8466002ada9cfb46a5fca0e394e2b386df7dcdd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:12 GMT
content-encoding
gzip
age
873449
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
QTqf8MLAo_jQCjKQeMxhFNz-79txs4v0komYShzG9B8wULOOLYRyeg==
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=8726254e-12f5-87d0-fe01-d72e45462304&tv={c:uCGgUt,pingTime:-2,time:654,type:a,im:{sf:0,pom:1,prf:{beA:363,beZ:365,mfA:958,cmA:958,inA:958,inZ:960,prA:960,prZ:965,si:968,poA:968,poZ:971,cmZ:971,mfZ:971,loA:997,loZ:998,ltA:1018,ltZ:1018,mdA:365,mdZ:800}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:604}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:654,n:0,pp:0,pm:0},slEvents:[{sl:o,t:604,wc:0.0.1600.1200,ac:948.7604.300.250,am:i,cc:948.7604.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[59~0],as:[59~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJLh+11|12|13|14|15|16|17|181|182|191|192|1a.10079|1a1|1b*.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:1b*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_3,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_3__container__,div-gpt-ad-141273092983474111-5,maincontainer],sinceFw:50,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:43 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=c035a1cb-d6d6-7fdd-43da-ecc9a43ae5fd&tv={c:uCGgUv,pingTime:-2,time:654,type:a,im:{sf:0,pom:1,prf:{beA:400,beZ:401,mfA:1006,cmA:1007,inA:1007,inZ:1008,prA:1008,prZ:1015,si:1018,poA:1018,poZ:1022,cmZ:1022,mfZ:1022,loA:1036,loZ:1036,ltA:1054,ltZ:1054,mdA:401,mdZ:856}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:617}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:654,n:0,pp:0,pm:0},slEvents:[{sl:o,t:617,wc:0.0.1600.1200,ac:948.4776.300.250,am:i,cc:948.4776.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[47~0],as:[47~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJLh+11|12|13|14|15|16|17|181|182|191|192|1a*.10079|1a1|1b.10079|1b1|1b2|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:1a*,rend:0,renddet:DIV,rmeas:0,slid:[google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_2,google_ads_iframe_/34722903/Express/Life-Style/Science_Tech_2__container__,div-gpt-ad-141273092983474111-4,maincontainer],sinceFw:36,readyFired:true}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:43 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
216448
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/216448
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 21 Nov 2019 16:12:41 GMT
X-SpotX-Timing-Transform
0.000711
X-SpotX-Timing-SpotMarket
0.030388
X-SpotX-Timing-Page-Mux
0.000381
X-SpotX-Timing-Page-Require
0.000513
X-fe
057
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000041
X-SpotX-Timing-Page
0.038418
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003334
Last-Modified
Thu, 21 Nov 2019 16:12:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.030388
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.express.co.uk
X-SpotX-Timing-Page-Misc
0.003032
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8488 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3_zYM1U--QH8pkZGfhLHwEoKlQgUq6PA8ATCu0FK6socMtd9GKwU9cpX4dnPqlPpqNCM3vlZLu9jkuzTfts-YjSH9KnGWEu_RyycQU0k&sig=Cg0ArKJSzIBGxaHWQLUKEAE&adk=2965745391&tt=-1&bs=1585%2C1200&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&p=5,0,13,8&mcvt=1013&rs=0&ht=0&tfs=142&tls=1155&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&lm=2&rst=1574352759172&dlt&rpt=238&isd=0&msd=0&ext&imams=1&xdi=0&mxd=1&ps=1585%2C9200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-4-10-2-9-9-0-0-0&tvt=1154&is=8%2C8&iframe_loc=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=fcd31c4ef33c8007fd151a2edac37cb1_511_1574352760468&tm=2311&eT=0&widgetWidth=590&widgetHeight=150&widgetX=323&widgetY=1450&wRV=104086&pVis=1&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:55 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
f00b1afb1c1b61662ab2659018336974
Content-Length
30
eyJpdSI6ImUwM2I5ODU1NTRlYTcyZDg0NmY0Mzc2MzI0MmI2YjE0YmU0NzNhZGIzMDI2MDFmZTI3NWI3YmQzNjQ4ODdjOGEiLCJ3IjoxNzAsImgiOjExMywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUwM2I5ODU1NTRlYTcyZDg0NmY0Mzc2MzI0MmI2YjE0YmU0NzNhZGIzMDI2MDFmZTI3NWI3YmQzNjQ4ODdjOGEiLCJ3IjoxNzAsImgiOjExMywiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.226.107 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
246d861f062b7371dbe74ca8f82a70cda272128b37c1c681a72a980aae18e49a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Fri, 18 Oct 2019 06:42:19 GMT
Date
Thu, 21 Nov 2019 16:12:54 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=266132
Connection
keep-alive
X-TraceId
e84a157d425a2d2f5857c9abcb1ea633
Timing-Allow-Origin
*
Content-Length
18203
skin-1007979.json
video.unrulymedia.com/native/skins/ Frame E360 		577 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-1007979.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48522e7229ed1d7a2a00beaa225a86edcbd5c67e3e09ac3600417579fc932451

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:11:44 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
57
x-cache
Hit from cloudfront
status
200
content-length
577
x-amz-expiration
expiry-date="Fri, 23 Oct 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 24 Oct 2019 17:54:29 GMT
server
AmazonS3
etag
"d7a665c94cc32c2a58d3f56962dad69c"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
3zFu26bDHHGJuYRnDyQNsi83weJF25gH3WfbEOW4feBJOHLCGP6XDQ==
skin-1089072.json
video.unrulymedia.com/native/skins/ Frame B92D 		857 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-1089072.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393f296ee2b386d941e99eefe70a3ad421772bd8e16b01157405ae3d059b8cc4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:08:04 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
277
x-cache
Hit from cloudfront
status
200
content-length
857
x-amz-expiration
expiry-date="Tue, 17 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 18 Nov 2019 10:28:12 GMT
server
AmazonS3
etag
"ae5e40d80f8627ccc3e34317e7106237"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
NCP0jEgL-insHDpW6TMXrCgoWjN2mjKgSaWa1Y29ipneNC_kYHKeZg==
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame DD0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1536-0-ge1c0788&siteId=1007979
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html?h=v1.0.1536-0-ge1c0788&siteId=1007979
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html
content-length
466
date
Tue, 19 Nov 2019 18:31:17 GMT
last-modified
Tue, 19 Nov 2019 18:22:45 GMT
x-amz-expiration
expiry-date="Wed, 18 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
etag
"087708d5fdfee49a9ee50f404f3137ad"
cache-control
max-age=600
accept-ranges
bytes
server
AmazonS3
x-cache
RefreshHit from cloudfront
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Csp8xeL33PuytFHx1wEbDDZjo8p_0xPlFqzHPMaeWfYndmxQWd8S-g==
activeview
pagead2.googlesyndication.com/pcs/ Frame C6A7 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMLYp_1JHimqHN4mR7qbnp3PZr3GmeO7gct370hU_MuRj5UUOJtLn8U7Kl4o6ggzKmnKshl5aH3v_-_iM97Pfws61DXbZugYPSv_0w8Zs&sig=Cg0ArKJSzOSZGjafC3fnEAE&adk=1151462024&tt=-1&bs=1585%2C1200&mtos=1092,1092,1092,1092,1092&tos=1092,0,0,0,0&p=13,308,263,1278&mcvt=1092&rs=0&ht=0&tfs=122&tls=1214&mc=1&lte=1&bas=0&bac=0&met=mue&la=1&avms=nio&exg=1&md=2&lm=2&rst=1574352759102&dlt&rpt=342&isd=0&msd=0&ext&imams=1&xdi=0&mxd=1&ps=1585%2C9200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-2-10-2-9-9-0-0-0&tvt=1214&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk-vendors~populatePlacement-465c44968aea1f318a35.js
video.unrulymedia.com/native/chunks/ Frame E360 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-465c44968aea1f318a35.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37b82ea78d7eb3d814ea0efcaa541be57c0a5334035b24296b70fcd589ce8da1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 24 Oct 2019 21:44:00 GMT
content-encoding
gzip
age
2399321
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 23 Oct 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 24 Oct 2019 15:09:13 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
mrYDtFxJF9a1girOqgwqxJrCPmhlK1LGXbuHqUHnrXItT9BfINfJsg==
chunk-populatePlacement-d0f7818b6a6b837d256e.js
video.unrulymedia.com/native/chunks/ Frame E360 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-d0f7818b6a6b837d256e.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a3eb37c92ba5a7c2683e9e188859326a45c87e4cbf73ca3361fa43bdb12c32a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:44 GMT
content-encoding
gzip
age
873417
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:22 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
3vyjJJmYbQ2XjGdzdApMAdeVDsEpigc2orIcCL3_g2e86spk_ERmRw==
activeview
pagead2.googlesyndication.com/pcs/ Frame DEE6 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4v1hMqPYNRQtcZXm9h8Zv8gl2mvldypM-CrSf6nsXX2Ypt8dpGzwqnT-2-BU-6pRIJyevgbblMpPu1emzB5zTz6OxK2l9GzgPABy3LHo&sig=Cg0ArKJSzAEanr8uLq7JEAE&adk=2299454366&tt=-1&bs=1585%2C1200&mtos=1098,1098,1098,1098,1098&tos=1098,0,0,0,0&p=497,948,1097,1248&mcvt=1098&rs=0&ht=0&tfs=112&tls=1210&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1574352759106&dlt&rpt=353&isd=0&msd=0&ext&imams=1&xdi=0&mxd=1&ps=1585%2C9200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-4-10-2-9-9-0-0-0&tvt=1209&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=8bf4dd52-9b12-1d83-10f0-b11d7275e4d3&tv={c:uCGgYw,pingTime:-10,time:961,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.95v220002022020220000022002222000022220202020222220222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC45NXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC45NXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8MTZ8fG58fDB8fG58fExpbnV4IHg4Nl82NHx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83OC4wLjM5MDQuOTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1574352760760||f7ebff11fa07d57fd95fe6e88665768d||97e048a74dc1fffe07e5f0fcd0e165a4||596dd1e5d5890d2248ed621b7528821a||be32f6b6c02b180a9f3d9d4bb1ee75e8||6ef76081663f06af091d955e0008f94d||cc2d6e3c060d51bd69d8058aacc0c139||a09b078c21e13c07816a76b92350fbdc||1529428597}
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
blank.gif
stats3.unrulymedia.com/ Frame B92D 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=multiple_placements_not_supported&placementName=Express.co.uk%20-%20In-Article%20-%20Mobile%20%5BFormat%201%5D&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=multiple_placements_not_supported&app=native&pid=1089072&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A40.766-%252B01%253A00&perf_consent_start=1574352760621&perf_corejs_start=1574352759370&perf_corejs_end=1574352760622&perf_skin_start=1574352760622&perf_skin_end=1574352760716&id=840739269&d=1574352760767&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
blank.gif
stats3.unrulymedia.com/ Frame E360 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&site.page=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&site.domain=www.express.co.uk&placementName=Express.co.uk%20-%20In-Article%20-%20Desktop&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1007979&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A40.855-%252B01%253A00&perf_consent_start=1574352760594&perf_corejs_start=1574352759356&perf_corejs_end=1574352760594&perf_skin_start=1574352760595&perf_skin_end=1574352760643&perf_adAge_start=1574352760854&id=666693881&d=1574352760856&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
2.2
targeting.unrulymedia.com/openrtb/ Frame E360 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/openrtb/2.2?uuid=c8cbc087-209b-469c-b63f-d08cbb223799&site.ref=http%3A%2F%2Fshr.gs%2FkWQbz0R&site.page=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&site.domain=www.express.co.uk&video_width=590&video_height=331&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1536-0-ge1c0788
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-d0f7818b6a6b837d256e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.189.67 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-189-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

status
204
date
Thu, 21 Nov 2019 16:12:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.express.co.uk
x-unruly-server
c7-unrulyx-eu-d440.unrulymedia.com
p3p
CP="CUR IVDo OUR IND"
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
5af10812b4e416cbf0067a044a1e342dcecf5e0a3170b0d432578b4906757383
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-0a138477fb65730b0, ce8ca2e, 2019-11-21 16:10:53.466Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
25ec0fe3-1e79-4f4d-a451-56ad553b1a6f
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=478
Connection
keep-alive
Content-Length
2918
X-Amz-Cf-Id
eRHcImy_G4nhL4iDXIjV19fmCHrXgYpCCCHrygXu6iTunPo4iSJoDA==
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=&qo=0&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bk6lRV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y5iO%3Dn%3CG.ueM!z!18YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22Wf%3CN%5B*XlKat.Y%7BQOuSFeAv1%7CE.fa48FJ%7B%26WQVqDgDd%2C.6m3w_2C6kFU%3BCB%5BpzR2%5E%2Cd%5B(Tr%2C..8WLdA1%3BxTiWiePpw4iqi%3CF%5BZ5*%3FVI2%2F%2B%5BoHBw24IQ%406kSP_1c%2Ceec!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23y%2Ca%3Bio8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)WxX*a%24%3D!L2C9WiKjOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=NANDSCONTENT1&hp=1&pl=1&cm=1&kq=1&bq=0&f=0&j=http%3A%2F%2Fshr.gs&o=3&t=1574352758979&de=4526693643&m=0&ar=de60227-clean&q=1&cb=0&cu=1574352758979&ll=2&ln=0&em=0&en=0&d=express.co.uk%3AWindows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!%3A__page__%3A-&qs=1&gw=nandscontent759292113&fd=1&ac=1&it=500&fs=98334&na=1470698868&cs=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:12:44 GMT
6002961541001
edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-127.fra50.r.cloudfront.net
Software
/
Resource Hash
5af10812b4e416cbf0067a044a1e342dcecf5e0a3170b0d432578b4906757383
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3Dmzg7zRlKEmzcSAqR4vFC4MpyD0075pbeW0d779IrRf-anBPDszKFRm29RtjAGKoEpMIaZ77MCa9sg3FEJvjlzLS_lu0eXl3P-dUfQsoJ3LvMbiGkYL0cJNwEvNhrJy8Fh7TG
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

BCOV-instance
i-0a138477fb65730b0, ce8ca2e, 2019-11-21 16:10:53.466Z
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
25ec0fe3-1e79-4f4d-a451-56ad553b1a6f
X-Amz-Cf-Pop
FRA50-C1
Date
Thu, 21 Nov 2019 16:10:53 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/2540076170001/videos/6002961541001
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=478
Connection
keep-alive
Content-Length
2918
X-Amz-Cf-Id
YkYtklvRkHP_LkdvgjJXWGD8v8pBRQG27NtxQR-ovSOrM5zpv0NRdA==
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5454038390001&time=1574352761267&response_time_ms=2009&BCOV-instance=i-07e32d5cd2daa19c9%2C%20ce8ca2e%2C%202019-11-21%2016%3A02%3A05.277Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=uo_SFH2viRHM6ezZ8G0893fFRNWPTvQ4Gdu_7Gvso9Iy_kWHXAk1oA%3D%3D&seq=13
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:43 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352761385&response_time_ms=2127&BCOV-instance=i-0a138477fb65730b0%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.466Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=12Rt0e2LcGCHA4GBE2y4dkqG80UaSmXBf9d6_PsupVGpytQEaFw1cg%3D%3D&seq=14
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:43 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGh8S,pingTime:1,time:1576,type:p,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1576,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1078~100],as:[1078~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGh8T,pingTime:1,time:1577,type:pf,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1577,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1079~100],as:[1079~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt78dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGh8T,pingTime:1,time:1577,type:c,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1577,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1079~100],as:[1079~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0,metricId:publ1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGh8U,pingTime:1,time:1578,type:c,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1578,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1080~100],as:[1080~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0,metricId:grpm1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt78dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGh8Y,pingTime:1,time:1584,type:p,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1584,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[1104~100],as:[1104~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGh8Z,pingTime:1,time:1585,type:pf,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1585,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[1105~100],as:[1105~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt68dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGh8Z,pingTime:1,time:1585,type:c,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1585,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[1105~100],as:[1105~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1,metricId:publ1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt78dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGh90,pingTime:1,time:1586,type:c,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1586,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.5.8.8,am:i,cc:0.5.8.8,piv:100,obst:0,th:0,reas:,bkn:{piv:[1106~100],as:[1106~8.8]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:DIV.us.sn,rmeas:1,metricId:grpm1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6001565573001&time=1574352761420&response_time_ms=2162&BCOV-instance=i-065c261bf97f7fe00%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.649Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=SDidS-wFey--oJCSt0BGIwYRC7_as3QcS1-KeFmHDdyW7px_hoxWOQ%3D%3D&seq=15
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGh9h,pingTime:1,time:1584,type:p,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1584,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1063~100],as:[1063~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt68dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGh9i,pingTime:1,time:1585,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1585,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1064~100],as:[1064~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt78dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGh9i,pingTime:1,time:1585,type:c,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1585,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1064~100],as:[1064~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0,metricId:publ1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt74dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGh9j,pingTime:1,time:1586,type:c,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1586,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1065~100],as:[1065~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0,metricId:grpm1}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
X-Server-Name
dt68dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5840789327001&time=1574352761430&response_time_ms=2172&BCOV-instance=i-08ef4bf62b1710558%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.557Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=Af5N4hyCWJYWTR9GEyjFvZJxrHfie_LRWMFfdzzRF_xZwx1IbIDzPg%3D%3D&seq=16
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5772475067001&time=1574352761468&response_time_ms=2210&BCOV-instance=i-06421f58ab43f8b65%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.544Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=ZxYWjhcrIGeRk0Zpq7GkYuBF1t9EhK8MRx5hOOYA-JQbBCPWuzjuog%3D%3D&seq=17
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F5731144511001&time=1574352761531&response_time_ms=2273&BCOV-instance=i-0874b6229a6edbaa8%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.535Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=VjuUz9stVStwR5m6zO0b5-qRCB4vXdt2LFDol-zHVM9SDdldcqVaYg%3D%3D&seq=18
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352761562&response_time_ms=2304&BCOV-instance=i-0a138477fb65730b0%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.466Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=eRHcImy_G4nhL4iDXIjV19fmCHrXgYpCCCHrygXu6iTunPo4iSJoDA%3D%3D&seq=19
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=8e57aa78cd35e847c21b0502&account=2540076170001&destination=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&platform_version=6.19.2&player=players.brightcove.com%2F2540076170001%2FVLKU4hbDPX_default&player_name=%5BEXPRESS%5D%20-%20v3.3%20Click%20to%20Play%20prebid.js&source=http%3A%2F%2Fshr.gs%2FkWQbz0R&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F2540076170001%2Fvideos%2F6002961541001&time=1574352761593&response_time_ms=2335&BCOV-instance=i-0a138477fb65730b0%2C%20ce8ca2e%2C%202019-11-21%2016%3A10%3A53.466Z&X-Cache=Hit%20from%20cloudfront&Via=1.1%20bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net%20(CloudFront)&X-Amz-Cf-Id=YkYtklvRkHP_LkdvgjJXWGD8v8pBRQG27NtxQR-ovSOrM5zpv0NRdA%3D%3D&seq=20
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Thu, 21 Nov 2019 16:12:44 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
blank.gif
stats3.unrulymedia.com/ Frame E360 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=no_ads&placementName=Express.co.uk%20-%20In-Article%20-%20Desktop&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Empty%20VAST%20Response&app=native&pid=1007979&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A42.010-%252B01%253A00&perf_consent_start=1574352760594&perf_corejs_start=1574352759356&perf_corejs_end=1574352760594&perf_skin_start=1574352760595&perf_skin_end=1574352760643&perf_adAge_start=1574352760854&perf_vast_0_start=1574352760857&id=666693881&d=1574352762010&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
vpt.js
static.vidazoo.com/basev/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vpt.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
70a054db0f1fa8a0b2398f9583f737b84a62f7b5704a1a94722d6e08f745bf3a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:45 GMT
Last-Modified
Wed, 02 Oct 2019 09:36:14 GMT
ETag
"1570008974"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
39096
X-HW
1574352765.dop022.fr8.t,1574352765.cds146.fr8.shn,1574352765.cds146.fr8.c
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.express.co.uk%2F%2Flife-style%2Fscience-technology%2F1207000%2F-&i=NANDSCONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bk6lRV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y5iO%3Dn%3CG.ueM!z!18YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22Wf%3CN%5B*XlKat.Y%7BQOuSFeAv1%7CE.fa48FJ%7B%26WQVqDgDd%2C.6m3w_2C6kFU%3BCB%5BpzR2%5E%2Cd%5B(Tr%2C..8WLdA1%3BxTiWiePpw4iqi%3CF%5BZ5*%3FVI2%2F%2B%5BoHBw24IQ%406kSP_1c%2Ceec!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23y%2Ca%3Bio8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)WxX*a%24%3D!L2C9WiKjOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=6754&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&cm=1&f=0&j=http%3A%2F%2Fshr.gs&o=3&t=1574352758979&de=4526693643&cu=1574352758979&m=30&ar=de60227-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=express.co.uk%3AWindows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!%3A__page__%3A-&gw=nandscontent759292113&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98334&na=1580791406&cs=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:12:44 GMT
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=NANDSCONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bk6lRV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y5iO%3Dn%3CG.ueM!z!18YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22Wf%3CN%5B*XlKat.Y%7BQOuSFeAv1%7CE.fa48FJ%7B%26WQVqDgDd%2C.6m3w_2C6kFU%3BCB%5BpzR2%5E%2Cd%5B(Tr%2C..8WLdA1%3BxTiWiePpw4iqi%3CF%5BZ5*%3FVI2%2F%2B%5BoHBw24IQ%406kSP_1c%2Ceec!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23y%2Ca%3Bio8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)WxX*a%24%3D!L2C9WiKjOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=9200&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&cm=1&f=0&j=http%3A%2F%2Fshr.gs&o=3&t=1574352758979&de=4526693643&cu=1574352758979&m=5207&ar=de60227-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5179&cd=1&ah=5179&am=1&re=0&wb=1&cl=0&at=0&d=express.co.uk%3AWindows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!%3A__page__%3A-&gw=nandscontent759292113&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98334&na=649414429&cs=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:12:44 GMT
blank.gif
stats3.unrulymedia.com/ Frame E360 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=publisher_marker_fallback&placementId=*&app=native&pid=1007979&supplyMode=direct&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A44.843-%252B01%253A00&perf_consent_start=1574352760594&perf_corejs_start=1574352759356&perf_corejs_end=1574352760594&perf_skin_start=1574352760595&perf_skin_end=1574352760643&perf_adAge_start=1574352760854&perf_vast_0_start=1574352760857&id=666693881&d=1574352764844&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
tag
a.teads.tv/page/59853/ Frame 4D94 		2 KB
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/59853/tag
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dfe52d803e957dcd4344eb88d280ec1dac25a7d7c23152c855646e177d293a77

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:44 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
574
expires
Thu, 21 Nov 2019 17:12:44 GMT
blank.gif
stats3.unrulymedia.com/ Frame 4D94 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=adloader_removed&app=native&pid=1007979&id=666693881&d=1574352759356&in_iframe=true&h=v1.0.1536-0-ge1c0788&compat=BackCompat&pageLoadId=76892143&supplyMode=direct&unr.site.env=html&ts=2019-11-21T16%253A12%253A39.357-%252B01%253A00
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
teads-format.min.js
a.teads.tv/media/format/v3/ 		711 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2934e2624848a8ac02958e538f34197f66bdd9800244a94d2945bba7caadafde

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:12:44 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 09:57:23 GMT
x-amz-request-id
C59362E1532F1B76
etag
"9902ca96e624e13373ba3a6e68744e67"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=600
x-bucket
a
accept-ranges
bytes
content-length
188779
x-amz-id-2
EnyC/dyYy7g2x4PPVbNL7K7bf1eW7pG8KOCIvt1mGkem17loC5Q0BbiPboWIZAEgUMSVSZJhsIA=
expires
Thu, 21 Nov 2019 16:22:44 GMT
index.html
cmp.teads.mgr.consensu.org/ Frame 4CAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.teads.mgr.consensu.org/index.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39b::2c92 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
cmp.teads.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

x-amz-id-2
8/wIwYg10wl33r7ILquSdnldpbD4VUsx4qLxljYUUcBbfOLmK94iwExtJLpF1byvqkpp1Goy0Ms=
x-amz-request-id
A8E9E1EED85D6455
Last-Modified
Fri, 14 Sep 2018 07:42:32 GMT
ETag
"e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
583
Server
AmazonS3
Cache-Control
max-age=300
Expires
Thu, 21 Nov 2019 16:17:45 GMT
Date
Thu, 21 Nov 2019 16:12:45 GMT
Connection
keep-alive
index.html
cmp.teads.mgr.consensu.org/ Frame D63C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.teads.mgr.consensu.org/index.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39b::2c92 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Host
cmp.teads.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

x-amz-id-2
8/wIwYg10wl33r7ILquSdnldpbD4VUsx4qLxljYUUcBbfOLmK94iwExtJLpF1byvqkpp1Goy0Ms=
x-amz-request-id
A8E9E1EED85D6455
Last-Modified
Fri, 14 Sep 2018 07:42:32 GMT
ETag
"e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
583
Server
AmazonS3
Cache-Control
max-age=300
Expires
Thu, 21 Nov 2019 16:17:45 GMT
Date
Thu, 21 Nov 2019 16:12:45 GMT
Connection
keep-alive
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=78453135&cs_ucfr=1
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-124-133-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:46 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765181&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=78453135&cs_ucfr=1
Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:46 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&ts=1574352765178&pageId=59853&pid=64870&env=js-web&pfid=[pfid]&f=1&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&ts=1574352765179&pageId=59853&pid=64870&env=js-web&pfid=[pfid]&f=1&slot=native&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=36088046&cs_ucfr=1
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-124-133-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:46 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1574352765215&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=36088046&cs_ucfr=1
Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:46 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&ts=1574352765213&pageId=59853&pid=82411&env=js-web&pfid=[pfid]&f=1&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&ts=1574352765213&pageId=59853&pid=82411&env=js-web&pfid=[pfid]&f=1&slot=multislot&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGiaK,pingTime:5,time:5538,type:p,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490},{w:1,h:1,t:5038}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5538,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.12.1.1,am:i,cc:0.12.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[5058~100],as:[4558~8.8,500~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3209,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt03dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGiaK,pingTime:5,time:5538,type:pf,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490},{w:1,h:1,t:5038}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5538,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.12.1.1,am:i,cc:0.12.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[5058~100],as:[4558~8.8,500~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3209,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt02dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGibq,pingTime:5,time:5578,type:p,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5578,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5080~100],as:[5080~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:2987,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt03dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGibq,pingTime:5,time:5578,type:pf,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5578,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5080~100],as:[5080~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:2987,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt02dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGibN,pingTime:5,time:5584,type:p,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5584,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[5063~100],as:[5063~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3349,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt03dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGibO,pingTime:5,time:5585,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5585,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.575.300.600,am:i,cc:948.575.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[5064~100],as:[5064~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3349,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:45 GMT
X-Server-Name
dt02dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
ad
a.teads.tv/page/59853/ 		118 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/59853/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&page=%7B%22id%22%3A59853%2C%22placements%22%3A%5B%7B%22id%22%3A64870%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A590%2C%22height%22%3A332%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A23%2C%22consent%22%3A%22%22%2C%22reason%22%3A230%7D%7D&userId=c1fd6d81-04b0-4d0a-b6ec-13b0135fce33&formatVersion=2.22.61&env=js-web&netBw=9.5&ttfb=119
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
129
expires
Thu, 21 Nov 2019 16:12:45 GMT
ad
a.teads.tv/page/59853/ 		118 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/59853/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&page=%7B%22id%22%3A59853%2C%22placements%22%3A%5B%7B%22id%22%3A82411%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A590%2C%22height%22%3A332%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A23%2C%22consent%22%3A%22%22%2C%22reason%22%3A230%7D%7D&userId=c1fd6d81-04b0-4d0a-b6ec-13b0135fce33&formatVersion=2.22.61&env=js-web&netBw=9.5&ttfb=119
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
129
expires
Thu, 21 Nov 2019 16:12:45 GMT
iframe
sync.teads.tv/ Frame 2385 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=64870&userId=c1fd6d81-04b0-4d0a-b6ec-13b0135fce33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&fromFormat=true&env=js-web&1574352765516
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?pid=64870&userId=c1fd6d81-04b0-4d0a-b6ec-13b0135fce33&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:230}&fromFormat=true&env=js-web&1574352765516
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
cookie
tt_viewer=ad70b5e3-1624-49ce-9392-d01d57c172bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
1694
expires
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
set-cookie
tt_exelate=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Fri, 22 Nov 2019 16:12:45 GMT; Domain=.teads.tv; SameSite=None
native-loader.js
video.unrulymedia.com/native/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/59853/tag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12943be72bc8364363630060423b7717d7fe4a0c1de5fcaaa67ed1a624417be4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:04:04 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Wed, 18 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 19 Nov 2019 18:22:43 GMT
server
AmazonS3
age
524
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
gOc-zXjk7s7wwfubP9TWKkJg4O_FeAu8IyHnA7RUDOiXEA65x7L95Q==
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&ts=1574352765178&pageId=59853&pid=64870&env=js-web&pfid=[pfid]&f=1&slot=native&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&ts=1574352765213&pageId=59853&pid=82411&env=js-web&pfid=[pfid]&f=1&slot=multislot&fv=168
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Thu, 21 Nov 2019 16:12:45 GMT
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:50 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Via
1.1 vegur
Server
Cowboy
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
0
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:50 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Via
1.1 vegur
Server
Cowboy
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
0
et_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame E621 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cbbcb3bd888776b93da7e45c406322c6b133ada80f53b8143bc785171c14485

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:04 GMT
content-encoding
gzip
age
873462
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EjkyElUHBZfx4BkFze_vQHQRyCDWWuzAZdeh-nnpES0n3ftd7YEnvQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame E621 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Fri, 01 Nov 2019 09:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1753085
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 09:14:40 GMT
blank.gif
stats3.unrulymedia.com/ 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1089071&id=102361551&d=1574352765845&in_iframe=false&h=v1.0.1536-0-ge1c0788&compat=CSS1Compat&pageLoadId=76892143&supplyMode=direct&unr.site.env=html&ts=2019-11-21T16%253A12%253A45.845-%252B01%253A00
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
et_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame A93B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cbbcb3bd888776b93da7e45c406322c6b133ada80f53b8143bc785171c14485

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:04 GMT
content-encoding
gzip
age
873462
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
GUFTm-7EAxzWYaBanZVvBz0dkYY62xaACoeANAmBDGk1V2LGbnkM0A==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame A93B 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Fri, 01 Nov 2019 09:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1753085
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 09:14:40 GMT
blank.gif
stats3.unrulymedia.com/ 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1089071&id=183546578&d=1574352765849&in_iframe=false&h=v1.0.1536-0-ge1c0788&compat=CSS1Compat&pageLoadId=76892143&supplyMode=direct&unr.site.env=html&ts=2019-11-21T16%253A12%253A45.849-%252B01%253A00
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
native_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame E621 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dd90b626433f5bc2964f77a8466002ada9cfb46a5fca0e394e2b386df7dcdd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:12 GMT
content-encoding
gzip
age
873454
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
eECbIbQVFboBAJ8K8CCz-0ItqTULztKPrph7DtU5JT4Z8X07ppi1Xw==
native_v1.0.1536-0-ge1c0788.js
video.unrulymedia.com/native/ Frame A93B 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1536-0-ge1c0788.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dd90b626433f5bc2964f77a8466002ada9cfb46a5fca0e394e2b386df7dcdd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 11 Nov 2019 13:35:12 GMT
content-encoding
gzip
age
873454
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Tue, 10 Nov 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Mon, 11 Nov 2019 13:28:19 GMT
server
AmazonS3
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
1rISvOx_-fXdb0pXDnFF4IN5vp399d9I5HLpaC5eZ8qj6YYpU4r70g==
skin-1089071.json
video.unrulymedia.com/native/skins/ Frame E621 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-1089071.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f0f1121fb3c207a48c2e8ec7576cb847da48f7c9c5d3ae27b6aaf4794d10dee

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:29 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
137
x-cache
Hit from cloudfront
status
200
content-length
594
x-amz-expiration
expiry-date="Fri, 23 Oct 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 24 Oct 2019 17:55:04 GMT
server
AmazonS3
etag
"4d77cbd68536a7696b24e563c3dcea8a"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
TkIDXcatI6ABk6aKw4_iNbU_CcxM7XNWRcpv1HObID8pnfDDCcMZlQ==
blank.gif
stats3.unrulymedia.com/ Frame E621 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=multiple_placements_not_supported&placementName=Express.co.uk%20-%20In-Article%20-%20Desktop%20-%20Visible&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=multiple_placements_not_supported&app=native&pid=1089071&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A45.992-%252B01%253A00&perf_consent_start=1574352765953&perf_corejs_start=1574352765845&perf_corejs_end=1574352765954&perf_skin_start=1574352765954&perf_skin_end=1574352765987&id=102361551&d=1574352765993&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
skin-1089071.json
video.unrulymedia.com/native/skins/ Frame A93B 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-1089071.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.192.221 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f0f1121fb3c207a48c2e8ec7576cb847da48f7c9c5d3ae27b6aaf4794d10dee

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:29 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
138
x-cache
Hit from cloudfront
status
200
content-length
594
x-amz-expiration
expiry-date="Fri, 23 Oct 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 24 Oct 2019 17:55:04 GMT
server
AmazonS3
etag
"4d77cbd68536a7696b24e563c3dcea8a"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
LSY73Wn5Glm9TbuFgO4rMHg05IUpblKDKx3L1LJApz43vK2qGCcCzQ==
blank.gif
stats3.unrulymedia.com/ Frame A93B 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats3.unrulymedia.com/blank.gif?t=multiple_placements_not_supported&placementName=Express.co.uk%20-%20In-Article%20-%20Desktop%20-%20Visible&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=multiple_placements_not_supported&app=native&pid=1089071&isMobile=false&pageLoadId=76892143&unr.site.env=html&ts=2019-11-21T16%253A12%253A46.072-%252B01%253A00&perf_consent_start=1574352766034&perf_corejs_start=1574352765849&perf_corejs_end=1574352766034&perf_skin_start=1574352766034&perf_skin_end=1574352766068&id=183546578&d=1574352766073&h=v1.0.1536-0-ge1c0788
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
34.243.121.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-121-135.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.4.2
X-Unruly-Server
stats3n-eu-074.unrulymedia.com
P3P
CP="CUR IVDo OUR IND"
Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		26 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a551d4418e9015f2a068cc7c3e55461a8dc111fd5965fbe8414e022e976add28

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
13544
Via
1.1 vegur
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
db6dd835dfe1b180d4a8198024f72b611832d3a8ca72d2517e48b79b5e6698eb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:46 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
11386
Via
1.1 vegur
sbt.js
static.vidazoo.com/basev/1.0.320/ 		521 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.320/sbt.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
15457c88927f058b379d16b3a3d1200cfb4bdbc61cea108c76ac66aef0334e39

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Nov 2019 12:16:56 GMT
ETag
"1573129016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=55367
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
118854
X-HW
1574352773.dop132.fr8.shc,1574352773.dop132.fr8.t,1574352773.cds087.fr8.c
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=41764:time[url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&1574352768109
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:48 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
onetag-geo.s-onetag.com/ 		23 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:a000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 15:34:45 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age
2262
x-amzn-requestid
ffdcd3cb-0c4e-4783-8105-2f833a9fc5be
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1, FRA50-C1
x-amz-apigw-id
DhA3YFr4yK4FlSA=
content-length
23
x-amz-cf-id
9wfqRh_QITd8fLNQE8c1wqjJ6kQKJvPWyHtCJqLUQUNBPpDCqyVXSg==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ac00:7:8699:e840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Mon, 18 Nov 2019 00:05:49 GMT
via
1.1 7ff3248f5aef149847858a974cf62b00.cloudfront.net (CloudFront), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
1128
age
317125
x-amzn-requestid
190a764d-5d7e-44ee-aa23-0e6993e717fe
x-cache
Hit from cloudfront
status
200
x-amzn-remapped-content-md5
V3bqcw6aFQKp3T52xvqaow==
request-id
0607467e-f390-40a1-87b5-ad45d69344cd
content-encoding
gzip
x-amz-apigw-id
DU_-sENYyK4FobQ=
x-amz-cf-id
Zkgfwe5CRv3n16xb4o45noBL5f3YW-oAGOserYE4D2RpBWYZpMq75g==
access-control-allow-headers
Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
x-amzn-remapped-server
restify
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=3600
x-amz-cf-pop
FRA56, FRA2-C2
response-time
20
x-amzn-remapped-date
Mon, 18 Nov 2019 00:12:04 GMT
x-amzn-remapped-connection
Keep-Alive
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:50 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:51 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
metrics
metrics-collector.s-onetag.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://metrics-collector.s-onetag.com/metrics
Requested by
Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.136.134 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ab1c511d4246f7da1.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=express.co.uk&p=%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&u=BNGg0kDzz3NMHuQVD&d=express.co.uk&g=33715&g0=Life%20%26%20Style%2C%20Tech&g1=Aaron%20Brown&n=1&f=00001&c=0.25&x=0&m=0&y=9200&o=1585&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=http%3A%2F%2Fshr.gs%2FkWQbz0R&b=1241&t=DrCnysCf55UXBMPdJ6CMaFK1B0_k6f&V=116&tz=-60&_vi=Here%27s%20what%20you%20should%20do%20after%20a%20Windows%2010%20upgrade&_vp=5454038390001&_vdd=video%40express.co.uk&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fhttpsak-a.akamaihd.net%2F2540076170001%2F2540076170001_5454040540001_5454038390001-th.jpg%3FpubId%3D2540076170001%26videoId%3D5454038390001&_vd=-1&sn=3&sv=eGwBND181MFDU05kh_r5eBB2ijz3&sr=http%3A%2F%2Fshr.gs%2FkWQbz0R&sd=1&im=067b9fff&_
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.129.194 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-129-194.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 21 Nov 2019 16:12:53 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
3b12ddf5-e540-41ae-9b8a-e6fdf590c9ef
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/3b12ddf5-e540-41ae-9b8a-e6fdf590c9ef
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1205
affef1c5-2bcc-4cac-84de-9936f08f527c
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/affef1c5-2bcc-4cac-84de-9936f08f527c
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1515
outbrain.js
static.vidazoo.com/basev/skins/outbrain/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
fed94ed7a6761a28c636099bc32eb47cc0ac48bae44f7cf99604b839c1ff1fab

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Sep 2019 17:00:59 GMT
ETag
"1567616459"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=78066
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
18975
X-HW
1574352773.dop132.fr8.shc,1574352773.dop132.fr8.t,1574352774.cds087.fr8.c
70a43d59-4582-42f8-9408-6f439e9c7f5d
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/70a43d59-4582-42f8-9408-6f439e9c7f5d
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1205
b9cb68e6-c54a-4826-bed1-497f1fe0b4b5
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/b9cb68e6-c54a-4826-bed1-497f1fe0b4b5
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1515
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=NANDSCONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bk6lRV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y5iO%3Dn%3CG.ueM!z!18YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22Wf%3CN%5B*XlKat.Y%7BQOuSFeAv1%7CE.fa48FJ%7B%26WQVqDgDd%2C.6m3w_2C6kFU%3BCB%5BpzR2%5E%2Cd%5B(Tr%2C..8WLdA1%3BxTiWiePpw4iqi%3CF%5BZ5*%3FVI2%2F%2B%5BoHBw24IQ%406kSP_1c%2Ceec!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23y%2Ca%3Bio8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)WxX*a%24%3D!L2C9WiKjOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=9200&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&cm=1&f=0&j=http%3A%2F%2Fshr.gs&o=3&t=1574352758979&de=4526693643&cu=1574352758979&m=15288&ar=de60227-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=15260&cd=5179&ah=15260&am=5179&re=0&wb=1&cl=0&at=0&d=express.co.uk%3AWindows%2010%20update%20is%20packed%20with%20dangerous%20ransomware%20-%20do%20not%20download!%3A__page__%3A-&gw=nandscontent759292113&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98334&na=94788135&cs=0
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:54 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:12:54 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c27b11a4844614f6d6e987fa8f18ff24e12f59abe2972869509f57f92bdac135

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
prebid.js
static.vidazoo.com/basev/prebid/ Frame 62FE 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1048
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352773.dop132.fr8.shc,1574352773.dop132.fr8.t,1574352774.cds087.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 8653 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1048
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352773.dop132.fr8.shc,1574352773.dop132.fr8.t,1574352774.cds087.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame ABB8 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1049
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352774.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame BF48 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1049
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352774.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 5089 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1048
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352773.dop132.fr8.shc,1574352773.dop132.fr8.t,1574352774.cds087.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 9E4D 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1049
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352774.cds096.fr8.c
5a9fcd5bfe8d0f00047aaceb.mp4
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5a9fcd5bfe8d0f00047aaceb/ 		6 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5a9fcd5bfe8d0f00047aaceb/5a9fcd5bfe8d0f00047aaceb.mp4
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
dbeb404d326e6051a0182a90d654ea370f8c1ed0684f523c1f722447787d56d6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Last-Modified
Wed, 07 Mar 2018 11:30:44 GMT
Access-Control-Allow-Origin
*
ETag
"1520422244"
X-HW
1574352774.dop124.fr8.t,1574352774.cds086.fr8.shn,1574352774.cds086.fr8.c
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Range
bytes 0-5955/5956
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
5956
5a9fcd5bfe8d0f00047aaceb.mp4
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5a9fcd5bfe8d0f00047aaceb/ 		6 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5a9fcd5bfe8d0f00047aaceb/5a9fcd5bfe8d0f00047aaceb.mp4
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
dbeb404d326e6051a0182a90d654ea370f8c1ed0684f523c1f722447787d56d6

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 21 Nov 2019 16:12:54 GMT
Last-Modified
Wed, 07 Mar 2018 11:30:44 GMT
Access-Control-Allow-Origin
*
ETag
"1520422244"
X-HW
1574352774.dop124.fr8.t,1574352774.cds086.fr8.shn,1574352774.cds086.fr8.c
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Range
bytes 0-5955/5956
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
5956
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGkMo,pingTime:15,time:15560,type:p,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490},{w:1,h:1,t:5038}],es:0,sc:1,ha:1,gm:1,slTimes:{i:15560,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.12.1.1,am:i,cc:0.12.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[15080~100],as:[4558~8.8,10522~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:428,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:55 GMT
X-Server-Name
dt80dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=6c12ae68-ea65-d35a-7a88-a468e32a6436&tv={c:uCGkMp,pingTime:15,time:15561,type:pf,clog:[{piv:100,vs:i,r:,w:8,h:8,t:490},{w:1,h:1,t:5038}],es:0,sc:1,ha:1,gm:1,slTimes:{i:15561,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:490,wc:0.0.1600.1200,ac:0.12.1.1,am:i,cc:0.12.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[15081~100],as:[4558~8.8,10523~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:428,fm:rItxJKM+11|12|13|14|15|16|17|18.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e*.10079|1e1|1e2|1f|1g|1h|1i|1j|1k|1l,idMap:1e*,rend:0,renddet:WINDOW,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:55 GMT
X-Server-Name
dt84dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGkMX,pingTime:15,time:15593,type:p,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:15593,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[15095~100],as:[15095~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:515,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:55 GMT
X-Server-Name
dt61dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=dbfa49f7-57d7-5b9a-c98f-435a2cb1896e&tv={c:uCGkMX,pingTime:15,time:15593,type:pf,clog:[{piv:100,vs:i,r:,w:970,h:250,t:514}],es:0,sc:1,ha:1,gm:1,slTimes:{i:15594,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:513,wc:0.0.1600.1200,ac:308.13.970.250,am:i,cc:308.13.970.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[15096~100],as:[15096~970.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:515,fm:rItxJKM+11|12|13|14|15|16|17|18*.10079|181|19.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e.10079|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:18*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:55 GMT
X-Server-Name
dt80dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10079&asId=57e1b388-bcb3-34ad-a728-5d851db28235&tv={c:uCGkNu,pingTime:15,time:15609,type:p,clog:[{piv:100,vs:i,r:,w:300,h:600,t:533},{piv:81,t:15008}],es:0,sc:1,ha:1,gm:1,slTimes:{i:15609,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:533,wc:0.0.1600.1200,ac:948.712.300.600,am:i,cc:948.712.300.600,piv:81,obst:0,th:0,reas:,bkn:{piv:[14487~100,601~75],as:[15088~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:619,fm:rItxJKO+11|12|13|14|15|16|17|18.10079|181|182|19*.10079|191|1a.10079|1a1|1b.10079|1b1|1c1|1c2|1c3|1d1|1d2|1e1|1e2|1e3|1f|1g|1h|1i|1j|1k|1l,idMap:19*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.37.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
daldt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:55 GMT
X-Server-Name
dt84dal.dal.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Cookie set obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EF20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243AC2B2361454795A2247340961A2452877848A2491246006A1956936647A2158537959A2316481209A2292686762A2218461765A2434433863A2115091720A2253901874A2449409964A2380630721AC6B2119761835A2109338635ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:56 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_routing=3751805575~rv=50~id=fae2cd78118fe49a1b6ce8da8f691d52; path=/;
Cookie set obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7E96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243AC2B2361454795A2247340961A2452877848A2491246006A1956936647A2158537959A2316481209A2292686762A2218461765A2434433863A2115091720A2253901874A2449409964A2380630721AC6B2119761835A2109338635ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:56 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_routing=3751805575~rv=96~id=244213f3f5261ff85cd4df81ab60c405; path=/;
Cookie set obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7B2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243AC2B2361454795A2247340961A2452877848A2491246006A1956936647A2158537959A2316481209A2292686762A2218461765A2434433863A2115091720A2253901874A2449409964A2380630721AC6B2119761835A2109338635ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:56 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_routing=3751805575~rv=71~id=624a549e5f8ebb8d239866f703985a15; path=/;
Cookie set obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B38F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
obuid=8d70a77c-fe37-4c97-83f5-563d77f6ae19; recs_b3ba3fd2d24bb96a4531818531d757a2=0B2511542391A2476040462A2472296267A2503199273A2448313276AC1B1925901673A2241805968A2091974558A2259673206A2262793391A2468442038A2493897833A2231897664A2269058408A1848435813A2443705321A2523678243AC2B2361454795A2247340961A2452877848A2491246006A1956936647A2158537959A2316481209A2292686762A2218461765A2434433863A2115091720A2253901874A2449409964A2380630721AC6B2119761835A2109338635ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
ETag
"06266b158cc1a0b89268d5a7103a27c4:1503211501"
Last-Modified
Sun, 20 Aug 2017 06:45:01 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
271
Cache-Control
max-age=604800
Date
Thu, 21 Nov 2019 16:12:56 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_routing=3751805575~rv=50~id=fae2cd78118fe49a1b6ce8da8f691d52; path=/;
l
mcdp-chidc2.outbrain.com/ 		4 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=2edba73094774c4f29bf8e908c5a8ea7_511_1574352776015&tm=18044&eT=0&widgetWidth=590&widgetHeight=907&widgetX=323&widgetY=5160&wRV=104086&pVis=1&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:56 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
542512afc3a75a1a76e53c5eec13bef
Content-Length
30
l
mcdp-chidc2.outbrain.com/ 		4 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=0abd0d83306e39f1f2a01f4dedfaf0d8_511_1574352776212&tm=18047&eT=0&widgetWidth=590&widgetHeight=298&widgetX=323&widgetY=6086&wRV=104086&pVis=1&lsd=8d70a77c-fe37-4c97-83f5-563d77f6ae19&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Date
Thu, 21 Nov 2019 16:12:56 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
c54539de3e54c31f0803bd868aab172f
Content-Length
30
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:57 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:56 GMT
Via
1.1 vegur
Server
Cowboy
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		26 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fc10b14ea69671f25f11ef1eadd874f3efa7dbfc109a5600f682a91614c9aee2

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:57 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
13825
Via
1.1 vegur
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:57 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
0d8370c4-06dc-4d98-b327-1475df0e60fe
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/0d8370c4-06dc-4d98-b327-1475df0e60fe
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1205
8b468cf2-83ed-4ab4-a813-56583bb1f219
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/8b468cf2-83ed-4ab4-a813-56583bb1f219
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1515
prebid.js
static.vidazoo.com/basev/prebid/ Frame EFAD 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1045
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352778.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 15CD 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1045
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352778.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 4161 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1045
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352778.cds096.fr8.c
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=41764:time[url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&1574352778197
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/1eWNpP6x0acZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:12:58 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
graph.facebook.com/ 		428 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?ids=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&fields=og_object{engagement{count}}&callback=gig_pc_facebook_1574352759002_7274930915779079
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
225e2a41aded3958785bad8a90877272246e1e78f672019cfa2f1ffd95e514f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Thu, 21 Nov 2019 16:12:59 GMT
x-fb-rev
1001459919
alt-svc
h3-23=":443"; ma=3600
content-length
217
pragma
no-cache
x-fb-debug
nwHNwmMIo2+I3ciWctF3W9SSVVHrTT8Qeuq5WDDNTc/mEDJ1o2lCQeBfosb7UK+uDBDSEFd1wq2fm0vQlFm4NA==
x-fb-trace-id
F9IQyKTBvkt
etag
"cbf5ba225528bf861907c6637ab3a07539ebf019"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AGTPwc3Eurk9kBnKjdRFnzn
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.11
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/countserv/count/share?format=jsonp&url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&callback=gig_pc_linkedin_1574352759002_14330921381759998
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Via
1.1 vegur
Server
Cowboy
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
0
json
server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.27.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-27-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e9193268bf8d9580bb3b8b728ea5f8b3c8380ca8640c485098209f0fd1ecca83

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
11462
Via
1.1 vegur
62042c90-1626-4f92-bdf2-3dc0be875f08
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/62042c90-1626-4f92-bdf2-3dc0be875f08
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1205
795cb0be-1eec-44db-8bab-0cf66eb2b38a
https://www.express.co.uk/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.express.co.uk/795cb0be-1eec-44db-8bab-0cf66eb2b38a
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Length
1515
extend
bis.vidazoo.com/event/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bis.vidazoo.com/event/extend
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.42.51 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-42-51.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
prebid.js
static.vidazoo.com/basev/prebid/ Frame D50F 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1044
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352779.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame DFC1 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1044
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352779.cds096.fr8.c
prebid.js
static.vidazoo.com/basev/prebid/ Frame 04E1 		251 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.320/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:12:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 16:30:16 GMT
ETag
"1573749016"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=1044
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
81156
X-HW
1574352774.dop022.fr8.shc,1574352774.dop022.fr8.t,1574352779.cds096.fr8.c
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1733279525&t=event&_s=7&dl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_gid=2104700690.1574352758&gjid=891373905&_v=j79&z=1728406355
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355&slf_rd=1&random=1537033697
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355&slf_rd=1&random=1537033697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-545303-1&cid=155027759.1574352758&jid=2029692550&_v=j79&z=1728406355&slf_rd=1&random=1537033697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
spotops.spot.im/spot/sp_9LMINbK9/recirculation/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spotops.spot.im/spot/sp_9LMINbK9/recirculation/v2?platform=Desktop&infra_version=2&day=thursday&hour=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.35 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef36c3adb71500a0da0e62b4df4829cdb33f766f80b94394aca9afaddacd48b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
x-guid
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-spotim-bid
x-spotim-rid
vary
Accept-Encoding
content-length
2055
x-spotim-vid
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type, x-spotim-page-view-id, x-spotim-source, x-spotim-device-uuid
expires
Thu, 21 Nov 2019 16:13:01 GMT
pitc
api-gw.spot.im/v1.0.0/feed/spot/sp_9LMINbK9/post/1207000/ 		61 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gw.spot.im/v1.0.0/feed/spot/sp_9LMINbK9/post/1207000/pitc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.137.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-224-137-133.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b24e003006d3d34590fc878133e800757de97630081cf4366a22cad498d0505

Request headers

Origin
https://www.express.co.uk
x-post-id
1207000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_9LMINbK9
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

date
Thu, 21 Nov 2019 16:13:01 GMT
content-encoding
gzip
x-spotim-device-uuid
d7636a5d-f034-4d3b-8808-bdc3004029cb
x-envoy-upstream-service-time
119
Connection
keep-alive
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInVzZXJfaWQiOiJ1XzN4OUk5bGpoQjNadiIsImRpc3BsYXlfbmFtZSI6Ikd1ZXN0Njg4MjkwIiwidXNlcl9uYW1lIjoiR3Vlc3Q2ODgyOTAiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIvdXNlcnMvYXZhdGFycy9EZWZhdWx0Iiwicm9sZXMiOltdLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJsYXN0X2NoZWNrIjoxNTc0MzUyNzgxLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMTkxMTIxR2pyRFlyIiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkXzVFME5jaEQzM3JzeDFuaDRFNkU2IiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X2V4cHJlc3MiLCJuZXR3b3JrX25hbWUiOiJFWFBSRVNTIiwibmV0d29ya19pbWFnZV9pZCI6IkV4cHJlc3NfR3JvdXAtMl90aXNyanYiLCJuZXR3b3JrX2NvbG9yIjoiI2JiMWEwMCJ9LCJzcG90X25hbWUiOiIiLCJkb21haW4iOiIiLCJyb2xlc19udW1iZXIiOjAsImV4cCI6MTYwMjc3NDc4MSwic3ViIjoidV8zeDlJOWxqaEIzWnYifQ.CxUVo7SISr46krp4cYWXiW5H6rHqWpD2-u3hG9cUBvQ
Content-Length
13493
x-spotim-token
01191121GjrDYr
x-request-id
317d70d2-8324-46de-9c63-69f25241b863
x-guid
d7636a5d-f034-4d3b-8808-bdc3004029cb
server
istio-envoy
x-spotim-networkid
net_express
x-spotim-device-v2
d_5E0NchD33rsx1nh4E6E6
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:14 GMT
ETag
"1300708-22d9-59720c93e311c"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
3492
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=139913
Expires
Sat, 23 Nov 2019 07:04:54 GMT
Date
Thu, 21 Nov 2019 16:13:01 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame E20D
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D
  • https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
CMID=Xda3jVVbLHQAADloBKsAAABh; CMPS=3184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html
Expires
Thu, 21 Nov 2019 16:13:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 21 Nov 2019 16:13:01 GMT
Content-Length
1338
Connection
keep-alive
Set-Cookie
CMID=Xda3jVVbLHQAADloBKsAAABh;domain=casalemedia.com;path=/;expires=Fri, 20 Nov 2020 16:13:01 GMT CMPS=3184;domain=casalemedia.com;path=/;expires=Wed, 19 Feb 2020 16:13:01 GMT CMPRO=1115;domain=casalemedia.com;path=/;expires=Wed, 19 Feb 2020 16:13:01 GMT CMST=Xda3jV3Wt40A;domain=casalemedia.com;path=/;expires=Fri, 22 Nov 2019 16:13:01 GMT CMRUM3=515dd6b78d05a0&045dd6b78d05a0&275dd6b78d0b40&285dd6b78d05a00&395dd6b78d05a0&495dd6b78d05a00&335dd6b78d05a0&295dd6b78d05a00;domain=casalemedia.com;path=/;expires=Fri, 20 Nov 2020 16:13:01 GMT

Redirect headers

Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Content-Length
321
Content-Type
text/html; charset=iso-8859-1
Expires
Thu, 21 Nov 2019 16:13:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 21 Nov 2019 16:13:01 GMT
Connection
keep-alive
Set-Cookie
CMID=Xda3jVVbLHQAADloBKsAAABh;domain=casalemedia.com;path=/;expires=Fri, 20 Nov 2020 16:13:01 GMT CMPS=3184;domain=casalemedia.com;path=/;expires=Wed, 19 Feb 2020 16:13:01 GMT
index.v2.html
dynamic-cdn.spot.im/yad/ Frame 0B70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dynamic-cdn.spot.im/yad/index.v2.html
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
dynamic-cdn.spot.im
:scheme
https
:path
/yad/index.v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html
last-modified
Mon, 25 Jun 2018 15:09:28 GMT
x-amz-version-id
YnGh6QYQ2LhhP2fm4NwaoqcMm4wJ3om_
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56
x-amz-cf-id
Qdvjq2gNi1rvkqFDQUZNsiigE1mej99LB4ISayBcmKycp_G3xSjNDw==
cache-control
max-age=282
expires
Thu, 21 Nov 2019 16:17:43 GMT
date
Thu, 21 Nov 2019 16:13:01 GMT
content-length
1784
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2277675776462304903
86 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2277675776462304903
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.adtelligent3-tmp.cc.colocall.com
Software
Adtelligent 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
Adtelligent 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:13:03 GMT
AN-X-Request-Uuid
6ce407f6-e3f5-4aee-9d48-03c319df418d
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2277675776462304903
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.190; 89.38.96.190; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=ca6104f2-0c79-11ea-a743-180e33a52006
0
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=ca6104f2-0c79-11ea-a743-180e33a52006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 21 Nov 2019 16:13:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
91
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 21 Nov 2019 16:13:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
/partner?source=211945&__user_check__=1&sync_id=ca6104f2-0c79-11ea-a743-180e33a52006
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
59
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/58196/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-60-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:01 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=ca613413-0c79...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=ca6133b7-0c79-11ea-84c8-1a27ea401506
86 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=ca6133b7-0c79-11ea-84c8-1a27ea401506
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.adtelligent3-tmp.cc.colocall.com
Software
Adtelligent 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
Adtelligent 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Thu, 21 Nov 2019 16:13:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=ca6133b7-0c79-11ea-84c8-1a27ea401506
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
46
Connection
keep-alive
Content-Length
0
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjM5MzksInVpZCI6ImZjNjliMDJiYzllNDM0ZmFkMGE5YzMyODU5NmFiNmQzIiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjowLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJlbmdpbmVfc3RhdHVzIjoiZW5naW5lLW1vbmV0aXphdGlvbi1sb2FkIiwidGFyZ2V0X2lkIjoiSnJkMXQyQjNzVzlRdmpnSDBmUjJ2dz09In0%3D&rnd=0.24041768562379584
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:01 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:13:01 GMT
pixel
pix.spot.im/api/v1/ 		16 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjM5MzksInVpZCI6ImZjNjliMDJiYzllNDM0ZmFkMGE5YzMyODU5NmFiNmQzIiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjowLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJlbmdpbmVfc3RhdHVzIjoiZW5naW5lLW1vbmV0aXphdGlvbi1sb2FkIiwidGFyZ2V0X2lkIjoiSnJkMXQyQjNzVzlRdmpnSDBmUjJ2dz09In0%3D&rnd=0.24041768562379584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:01 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:13:01 GMT
Default
images.spot.im/image/upload/f_png,w_60,h_60//users/avatars/ 		689 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60//users/avatars/Default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bd803162e3584688ff56ca8d92c35e45afa73365e6686dd94aa21120f0a3da05

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200, 200 OK
server-timing
akam;dur=36;start=2019-09-26T15:03:31.894Z;total=2114;desc=miss,rtt;dur=1
content-length
712
x-request-id
b3b1f0d86afd5384
surrogate-key
268046594891881248488411371492607257864 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Thu, 26 Sep 2019 15:03:34 GMT
server
cloudinary
etag
"65b39b303777d31ec59b6264aae23195"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
vviaywiynvu0qr8owfdd
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/vviaywiynvu0qr8owfdd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
b6a4269284836ba08337a9cc5b21b0b7e87669c1f781700afab0a19bdf258093
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=57;start=2019-11-18T18:43:48.192Z;total=766;desc=miss,rtt;dur=2,cloudinary;dur=634;start=2019-11-18T18:43:48.251Z,cld-id;desc=f26c9740900a5653bce040686b1be8a7
content-length
5775
x-request-id
f26c9740900a5653bce040686b1be8a7
last-modified
Mon, 18 Nov 2019 18:43:49 GMT
server
Cloudinary
etag
"454810667f5e53c850dd07d0c1233be6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
zfuj02ifh7zejcryynuc
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/zfuj02ifh7zejcryynuc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5ef1553e8a4417202af95d6d9336d6112ccf87f466eebff01313369cd20ca72d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=34;start=2019-11-11T17:45:03.936Z;total=193;desc=miss,rtt;dur=1
content-length
8515
surrogate-key
244939858096942527953039634488885182277 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Tue, 29 Oct 2019 10:23:37 GMT
server
cloudinary
etag
"173a76ad09b32dbba1bcdb33718d58c4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
rfmvwqs9fh1qmd2dmtk8
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/rfmvwqs9fh1qmd2dmtk8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
2f37e0581124ddb9831784e56dd61bf654f59c92f42868492147346eba3f3809
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=74;start=2019-11-21T16:08:14.493Z;total=175;desc=miss,rtt;dur=0,cloudinary;dur=76;start=2019-11-21T16:08:14.564Z
content-length
9273
last-modified
Wed, 30 Oct 2019 22:54:01 GMT
server
Cloudinary
etag
"79ac9889b9c530f8f9ac4ba91a33b8b1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
qs3o0zdlj5k3psujbd86
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/qs3o0zdlj5k3psujbd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50c9da7657e618d11781a8e9d692626776623bcc6aa816cb4f4f70796e16b99f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=36;start=2019-11-02T14:14:24.931Z;total=117;desc=miss,rtt;dur=0
content-length
8118
surrogate-key
313259284025191224603482659968987200307 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Mon, 28 Oct 2019 13:08:52 GMT
server
cloudinary
etag
"1f519067ddad01d901f0aa9cbab988a0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
npy3nm49ndpabrjclive
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/npy3nm49ndpabrjclive
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ca78fc981b19edd10d4bddf32c98d6df48e269009ae7384b3f02854bae780fb9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200, 200 OK
server-timing
akam;dur=33;start=2019-11-06T13:39:23.807Z;total=333;desc=miss,rtt;dur=0
content-length
6979
x-request-id
bb2cde6e21514d35d4b4b88892c6dd89
surrogate-key
63794514525904368589503939364944145233 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Wed, 06 Nov 2019 13:39:25 GMT
server
cloudinary
etag
"53f211dc38fb37e56640eca896ba07b7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
fjlfxatjtnpwfrmolnyc
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/fjlfxatjtnpwfrmolnyc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
525d9a774c9ad29cc72d901904dd05cab5ea6c7ca8c06f46b91195ef5127e864

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=32;start=2019-11-02T20:14:32.225Z;total=84;desc=miss,rtt;dur=0
content-length
8702
surrogate-key
205846896913616907455180831863675589812 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Sat, 02 Nov 2019 19:43:42 GMT
server
cloudinary
etag
"9585deaccfd5cb10b800f14f10944327"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
figtjzl1p70iymqicyod
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/figtjzl1p70iymqicyod
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
9dbbf8b2d9f124b2a859f570263bcf06f57af42de4abc47ce5577d1878b6fb3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=318;start=2019-11-21T16:08:14.892Z;total=461;desc=hit,rtt;dur=0,cloudinary;dur=752;start=2019-11-21T16:08:14.572Z,cld-id;desc=7bc76d699b63fc63b5cd92fef4c74788
content-length
116148
x-request-id
7bc76d699b63fc63b5cd92fef4c74788
last-modified
Thu, 21 Nov 2019 16:08:16 GMT
server
Cloudinary
etag
"48275d94293ef8a3f37aade2fc6e4c75"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
a8aceokpkh7bifq2gv5q
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/a8aceokpkh7bifq2gv5q
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
7909c48029292a928e993e588fb9f466ebd8aefe25a0f6aa13d9f3fe92c385c2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=1177;start=2019-11-21T14:28:15.964Z;total=23;desc=miss,rtt;dur=0,cloudinary;dur=1173;start=2019-11-21T14:28:14.752Z,cld-id;desc=f6de450da7277af64c104cd387155528
content-length
106733
x-request-id
f6de450da7277af64c104cd387155528
last-modified
Thu, 21 Nov 2019 14:28:16 GMT
server
Cloudinary
etag
"c4e4aca69ce4d4da87dad21f1b3e71f0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
yawylsgy4lbkpmktkxwz
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/yawylsgy4lbkpmktkxwz
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
5066f06db75f2b7aee03cc901283f143e4bb1bc9e82c3c80a93e6be77d08a556
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=81;start=2019-11-21T15:18:19.876Z;total=106;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2019-11-21T15:18:19.966Z
content-length
156310
last-modified
Thu, 21 Nov 2019 15:18:20 GMT
server
Cloudinary
etag
"2db61a3a3f97fa3d68900f15f7ffb8e7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
icgyrmknnbhmiohtad2w
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/icgyrmknnbhmiohtad2w
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
b4287ee9cf9012ea24966f8fa5945aa1053bda91a91ba9b273b043967553eee6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=575;start=2019-11-21T16:08:15.053Z;total=575;desc=hit,rtt;dur=0,cloudinary;dur=1029;start=2019-11-21T16:08:14.576Z,cld-id;desc=8d652dce252f62a69bca82d963104a86
content-length
135785
x-request-id
8d652dce252f62a69bca82d963104a86
last-modified
Thu, 21 Nov 2019 16:08:16 GMT
server
Cloudinary
etag
"a7c1b9cc77b7fb3f6fa6d6dd7cf3ed91"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
ar79jvqrabk1gks8wunj
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ar79jvqrabk1gks8wunj
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
3d8ae5f39bb06a36e9e68c73275fa25087417f05128f3db72782c6122e5c930f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=64;start=2019-11-21T03:48:14.733Z;total=2153;desc=miss,rtt;dur=0,cloudinary;dur=2080;start=2019-11-21T03:48:14.798Z,cld-id;desc=a269cbc4a0a9ca14c2860ffd8c047459
content-length
162788
x-request-id
a269cbc4a0a9ca14c2860ffd8c047459
last-modified
Thu, 21 Nov 2019 03:48:17 GMT
server
Cloudinary
etag
"3b2feff30b960cbccc39b3bc316061de"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
beubhnmwnj68wi2cbsop
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/beubhnmwnj68wi2cbsop
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
f7592b793a924a03a1f5e468020421e2a1e10dc1914e94cdac73cc17d44a0122
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=1105;start=2019-11-21T16:08:15.050Z;total=1105;desc=hit,rtt;dur=2,cloudinary;dur=1528;start=2019-11-21T16:08:14.570Z,cld-id;desc=f5bd96a415c0e4488492f0032ceccc22
content-length
134959
x-request-id
f5bd96a415c0e4488492f0032ceccc22
last-modified
Thu, 21 Nov 2019 16:08:17 GMT
server
Cloudinary
etag
"07ffad0ba217baf5807cd9934dd11fda"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
vdootodkofec0dce3tuu
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/vdootodkofec0dce3tuu
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
39453acf38633fef6a20f92762ff85bb57eadd4c95ec44b3aa032748f88f1275
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=4;start=2019-11-21T06:28:16.155Z;total=24;desc=miss,rtt;dur=0,cloudinary;dur=20;start=2019-11-21T06:28:16.064Z
content-length
135041
last-modified
Thu, 21 Nov 2019 06:28:16 GMT
server
Cloudinary
etag
"f09319cfac9b4f3740b7cfa380d82b16"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
mwkbuxjxekivoxlxfbbw
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/mwkbuxjxekivoxlxfbbw
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
166d02f7ebbcb4180ed07fdbd62bf7591409acd77882eba24b18026f2a3404ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=55;start=2019-11-20T21:37:43.259Z;total=88;desc=miss,rtt;dur=5,cloudinary;dur=25;start=2019-11-20T21:37:43.315Z
content-length
131017
last-modified
Wed, 20 Nov 2019 21:32:23 GMT
server
Cloudinary
etag
"8534c6d0fa3ad1b4d0692cf0dc7e58f8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
sirz2ehqdrnmjnbfgqqy
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/sirz2ehqdrnmjnbfgqqy
Requested by
Host: cdn.images.express.co.uk
URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/vendor-header20190523.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
399e323389749e64d11e95c7c6838826479430ea88acfe28ce6ee7b9947143a8

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=33;start=2019-11-08T21:08:15.331Z;total=82;desc=miss,rtt;dur=0
content-length
134744
surrogate-key
131440268138655892111547858134882574009 205021692924661876158409687097991646654 5dae0ce85ee661e931f6926af99c713d
last-modified
Fri, 08 Nov 2019 18:30:29 GMT
server
cloudinary
etag
"72141f70214d55066077787f55692e9f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
sr.bladex.js
sdk.streamrail.com/blade/ 		423 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.streamrail.com/blade/sr.bladex.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:800:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6496a87b4643aebb5ac8356ec6e9d2a28cafb578de76cc7b7ac2f1737380b97

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:37 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 15:13:43 GMT
server
AmazonS3
age
146
etag
"10511f6aa98c1c495450f16e9b643f37"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=1200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
113674
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-amz-cf-id
8tSPwgI0JnHb_NIACA02jKRKVfg03JsnDwlU_gaHHEs3EL-yQ4R6iA==
Default
images.spot.im/image/upload/f_png,w_60,h_60//users/avatars/ 		689 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60//users/avatars/Default
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bd803162e3584688ff56ca8d92c35e45afa73365e6686dd94aa21120f0a3da05

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200, 200 OK
server-timing
akam;dur=36;start=2019-09-26T15:03:31.894Z;total=2114;desc=miss,rtt;dur=1
content-length
712
x-request-id
b3b1f0d86afd5384
surrogate-key
268046594891881248488411371492607257864 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Thu, 26 Sep 2019 15:03:34 GMT
server
cloudinary
etag
"65b39b303777d31ec59b6264aae23195"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
vviaywiynvu0qr8owfdd
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/vviaywiynvu0qr8owfdd
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
b6a4269284836ba08337a9cc5b21b0b7e87669c1f781700afab0a19bdf258093
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=57;start=2019-11-18T18:43:48.192Z;total=766;desc=miss,rtt;dur=2,cloudinary;dur=634;start=2019-11-18T18:43:48.251Z,cld-id;desc=f26c9740900a5653bce040686b1be8a7
content-length
5775
x-request-id
f26c9740900a5653bce040686b1be8a7
last-modified
Mon, 18 Nov 2019 18:43:49 GMT
server
Cloudinary
etag
"454810667f5e53c850dd07d0c1233be6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
zfuj02ifh7zejcryynuc
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/zfuj02ifh7zejcryynuc
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5ef1553e8a4417202af95d6d9336d6112ccf87f466eebff01313369cd20ca72d

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=34;start=2019-11-11T17:45:03.936Z;total=193;desc=miss,rtt;dur=1
content-length
8515
surrogate-key
244939858096942527953039634488885182277 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Tue, 29 Oct 2019 10:23:37 GMT
server
cloudinary
etag
"173a76ad09b32dbba1bcdb33718d58c4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
rfmvwqs9fh1qmd2dmtk8
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/rfmvwqs9fh1qmd2dmtk8
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
2f37e0581124ddb9831784e56dd61bf654f59c92f42868492147346eba3f3809
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=74;start=2019-11-21T16:08:14.493Z;total=175;desc=miss,rtt;dur=0,cloudinary;dur=76;start=2019-11-21T16:08:14.564Z
content-length
9273
last-modified
Wed, 30 Oct 2019 22:54:01 GMT
server
Cloudinary
etag
"79ac9889b9c530f8f9ac4ba91a33b8b1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
qs3o0zdlj5k3psujbd86
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/qs3o0zdlj5k3psujbd86
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50c9da7657e618d11781a8e9d692626776623bcc6aa816cb4f4f70796e16b99f

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=36;start=2019-11-02T14:14:24.931Z;total=117;desc=miss,rtt;dur=0
content-length
8118
surrogate-key
313259284025191224603482659968987200307 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Mon, 28 Oct 2019 13:08:52 GMT
server
cloudinary
etag
"1f519067ddad01d901f0aa9cbab988a0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
npy3nm49ndpabrjclive
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/npy3nm49ndpabrjclive
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ca78fc981b19edd10d4bddf32c98d6df48e269009ae7384b3f02854bae780fb9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200, 200 OK
server-timing
akam;dur=33;start=2019-11-06T13:39:23.807Z;total=333;desc=miss,rtt;dur=0
content-length
6979
x-request-id
bb2cde6e21514d35d4b4b88892c6dd89
surrogate-key
63794514525904368589503939364944145233 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Wed, 06 Nov 2019 13:39:25 GMT
server
cloudinary
etag
"53f211dc38fb37e56640eca896ba07b7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
fjlfxatjtnpwfrmolnyc
images.spot.im/image/upload/f_png,w_60,h_60/p/u/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/image/upload/f_png,w_60,h_60/p/u/fjlfxatjtnpwfrmolnyc
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v2.9.4/vendor/vendor-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
525d9a774c9ad29cc72d901904dd05cab5ea6c7ca8c06f46b91195ef5127e864

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
status
200
server-timing
akam;dur=32;start=2019-11-02T20:14:32.225Z;total=84;desc=miss,rtt;dur=0
content-length
8702
surrogate-key
205846896913616907455180831863675589812 107492541232960178544593525054382233393 5dae0ce85ee661e931f6926af99c713d
last-modified
Sat, 02 Nov 2019 19:43:42 GMT
server
cloudinary
etag
"9585deaccfd5cb10b800f14f10944327"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 20 Nov 2020 16:13:02 GMT
figtjzl1p70iymqicyod
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/figtjzl1p70iymqicyod
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
9dbbf8b2d9f124b2a859f570263bcf06f57af42de4abc47ce5577d1878b6fb3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=318;start=2019-11-21T16:08:14.892Z;total=461;desc=hit,rtt;dur=0,cloudinary;dur=752;start=2019-11-21T16:08:14.572Z,cld-id;desc=7bc76d699b63fc63b5cd92fef4c74788
content-length
116148
x-request-id
7bc76d699b63fc63b5cd92fef4c74788
last-modified
Thu, 21 Nov 2019 16:08:16 GMT
server
Cloudinary
etag
"48275d94293ef8a3f37aade2fc6e4c75"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
a8aceokpkh7bifq2gv5q
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/a8aceokpkh7bifq2gv5q
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
7909c48029292a928e993e588fb9f466ebd8aefe25a0f6aa13d9f3fe92c385c2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=1177;start=2019-11-21T14:28:15.964Z;total=23;desc=miss,rtt;dur=0,cloudinary;dur=1173;start=2019-11-21T14:28:14.752Z,cld-id;desc=f6de450da7277af64c104cd387155528
content-length
106733
x-request-id
f6de450da7277af64c104cd387155528
last-modified
Thu, 21 Nov 2019 14:28:16 GMT
server
Cloudinary
etag
"c4e4aca69ce4d4da87dad21f1b3e71f0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
yawylsgy4lbkpmktkxwz
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/yawylsgy4lbkpmktkxwz
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
5066f06db75f2b7aee03cc901283f143e4bb1bc9e82c3c80a93e6be77d08a556
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=81;start=2019-11-21T15:18:19.876Z;total=106;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2019-11-21T15:18:19.966Z
content-length
156310
last-modified
Thu, 21 Nov 2019 15:18:20 GMT
server
Cloudinary
etag
"2db61a3a3f97fa3d68900f15f7ffb8e7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
icgyrmknnbhmiohtad2w
images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/h_400,f_png,q_100,fl_png8/v1/production/icgyrmknnbhmiohtad2w
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
b4287ee9cf9012ea24966f8fa5945aa1053bda91a91ba9b273b043967553eee6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
status
200
date
Thu, 21 Nov 2019 16:13:02 GMT
server-timing
akam;dur=575;start=2019-11-21T16:08:15.053Z;total=575;desc=hit,rtt;dur=0,cloudinary;dur=1029;start=2019-11-21T16:08:14.576Z,cld-id;desc=8d652dce252f62a69bca82d963104a86
content-length
135785
x-request-id
8d652dce252f62a69bca82d963104a86
last-modified
Thu, 21 Nov 2019 16:08:16 GMT
server
Cloudinary
etag
"a7c1b9cc77b7fb3f6fa6d6dd7cf3ed91"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 16:13:02 GMT
grumi-ip.js
rumcdn.geoedge.be/ Frame BC6A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:1800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b5bdc94dbed24c6244fd1e64df2231dc2e121df6ce5347e1c6c772bb6b66cb7

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id
y0dbiDlpEv5NRQV.gLoiMmBS.VWnZNqE
content-encoding
gzip
last-modified
Sun, 15 Sep 2019 11:15:37 GMT
server
AmazonS3
age
66028
date
Thu, 21 Nov 2019 14:27:12 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age: 172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ojaRi1lwFKXIOTCDFkEfE2w9jRlvdP9kmoq6GYz7M9biPz9J8wIsJA==
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
wrapper_hb_270443_3428.js
player.spotim.market/prebid/ Frame BC6A 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Requested by
Host: shr.gs
URL: http://shr.gs/kWQbz0R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b03c7119e991547a41b6aed2f482746c7c5d36a6840b7c470c291b9ccead342

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 11:13:17 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dd6714d-12c83"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
x-proxy-cache
HIT
expires
Thu, 21 Nov 2019 16:18:02 GMT
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-33.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
access-control-allow-origin
*
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
1mqybNJj7fdtM2ydpCzxMae06gly9sGFm5rBKblvDGyVkrLo4INw2w==
expires
Sat, 21 Nov 2020 16:13:02 GMT
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjUwMDcsInVpZCI6ImE0ZGFmYWUyMmQ2MjhlYjk0YTcxZWZkYzk1OTg4YzE3IiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjoxLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJsYXlvdXQiOiJkaXNwbGF5IiwiZW5naW5lX3ZlbmRvcl9uYW1lIjoiZGZwIiwiaW5fdmlldyI6IjMwMHgyNTAgYm90dG9tLXNpZGUtYmFyIiwiZW5naW5lX3N0YXR1cyI6ImVuZ2luZS13aWxsLWluaXRpYWxpemUifQ%3D%3D&rnd=0.8227377883482843
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:13:02 GMT
hb_270443_3428.js
player.spotim.market/prebid/ Frame BC6A 		251 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c79ad870e163eb27f862854b17f419a9070d4ab32ac2cc17972153cfe53528b4

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 16:41:08 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dd56ca4-3ec1b"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
x-proxy-cache
HIT
expires
Thu, 21 Nov 2019 16:18:02 GMT
adthbjs
hb.spotim.market/ Frame BC6A 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adthbjs?cb=https%3A%2F%2Fwww.express.co.uk
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:02 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Content-Length
0
tracking
hb.spotim.market/adunit/ Frame BC6A 		43 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/tracking?event=11&client_id=270443&site_id=3428&full_page_url=https%3A%2F%2Fwww.express.co.uk&adid=8wzxmb.bh
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:02 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
gpt.js
www.googletagservices.com/tag/js/ Frame BC6A 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05d89a841cb88d2bb5e6de14d30b6c0e71a0f8951d0fd73904cd5cf767b300ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"343 / 808 of 1000 / last-modified: 1574348806"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15644
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:13:02 GMT
pixel
pix.spot.im/api/v1/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjUwMDcsInVpZCI6ImE0ZGFmYWUyMmQ2MjhlYjk0YTcxZWZkYzk1OTg4YzE3IiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjoxLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJsYXlvdXQiOiJkaXNwbGF5IiwiZW5naW5lX3ZlbmRvcl9uYW1lIjoiZGZwIiwiaW5fdmlldyI6IjMwMHgyNTAgYm90dG9tLXNpZGUtYmFyIiwiZW5naW5lX3N0YXR1cyI6ImVuZ2luZS13aWxsLWluaXRpYWxpemUifQ%3D%3D&rnd=0.8227377883482843
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:13:02 GMT
integrator.js
adservice.google.de/adsid/ Frame BC6A 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.express.co.uk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BC6A 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.express.co.uk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111401.js
securepubads.g.doubleclick.net/gpt/ Frame BC6A 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js?21065176
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59644
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:13:02 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame 62FE 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=98fa4751-1a41-44a1-b8bb-be2007473418&nocache=1574352782625&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame 8653 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=0c679717-d071-40ad-a05d-2727d4f4cb04&nocache=1574352782631&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame ABB8 		141 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.133.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-133-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
80992822e1018adfecbd2514d78978daa06a0873768df43e5ce866a8804579a0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:03 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
148
expires
0
avjp
outbrain-d.openx.net/v/1.0/ Frame BF48 		92 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=b101d40a-1e20-45c3-b9f4-20b5e57a4556&nocache=1574352782652&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&auid=540792896&vwd=330&vht=185&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame 5089 		92 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=104416c2-b59f-43fa-af93-d9c7fda69f3f&nocache=1574352782656&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&auid=540792896&vwd=330&vht=185&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame BC6A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.express.co.uk
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
41c0e89a0b78f268ae115f927ec0958050365600934514d3de59d1db37092759

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Nov 2019 16:13:03 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 12:00:43 GMT
server
nginx
etag
W/"5dd67c6b-865"
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
expires
Thu, 21 Nov 2019 16:18:03 GMT
cache-control
max-age=300
x-proxy-cache
HIT
csyncs
hb.spotim.market/ Frame BC6A 		80 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/csyncs?aid1=350975&
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a18f4b400b42697ea11db9579a715ad690adc7d714717c26e41e564047c1d6f5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:04 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Content-Length
80
Content-Type
application/json; charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9E4D 		142 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.133.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-133-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
27a9c7ee83442d9b3416d89bd87e70017a6a6b9050be95d8c2e70a71bc7937b7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:03 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
148
expires
0
translator
hbopenbid.pubmatic.com/ Frame BC6A 		0
0
bid
ap.lijit.com/rtb/ Frame BC6A 		47 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.39.0-pre
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
23e64ec440d9f52441fca56e2740ba5856d9068994263594764e70ab03cc4a82

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Nov 2019 16:13:04 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame BC6A 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
169599aac5aa11450ce476acea731c7688a69cf2fac67a218d511a947b97fd96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:13:05 GMT
X-Proxy-Origin
89.38.96.190; 89.38.96.190; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
AN-X-Request-Uuid
86ba00a4-1744-44ab-b60a-670a5f778eeb
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ Frame BC6A 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BC6A 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BC6A 		0
0
cygnus
as-sec.casalemedia.com/ Frame BC6A 		0
0
sr.bladex.js
sdk.streamrail.com/blade/ Frame DB7D 		423 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.streamrail.com/blade/sr.bladex.js
Requested by
Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:800:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6496a87b4643aebb5ac8356ec6e9d2a28cafb578de76cc7b7ac2f1737380b97

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:10:37 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 15:13:43 GMT
server
AmazonS3
age
146
etag
"10511f6aa98c1c495450f16e9b643f37"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=1200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
113674
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-amz-cf-id
Gww_iLOcN99DZq2YNwX4knNFdUs7Fp3zOtBpGGqFbcKDsYhIUJVc_w==
pixel
pix.spot.im/api/v1/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjUzNTEsInVpZCI6ImQwNDhiYWJjMmIxOWFhMTliZjEyN2FiZmI1YjMzYTNlIiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjoxLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJsYXlvdXQiOiJ2aWRlbyIsImluX3ZpZXciOiJvdXRzdHJlYW0iLCJlbmdpbmVfdmVuZG9yX25hbWUiOiJzciIsImVuZ2luZV90YWdfaWQiOiJ0YWdfa0xqcFUwR3pEMEhnIiwiZW5naW5lX3N0YXR1cyI6ImVuZ2luZS13aWxsLWluaXRpYWxpemUifQ%3D%3D&rnd=0.3019221736014348
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:02 GMT
server
fasthttp
access-control-allow-origin
https://www.express.co.uk
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
0
expires
Thu, 21 Nov 2019 16:13:02 GMT
pd
u.openx.net/w/1.0/ Frame 2DDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
i=f291b23d-1ce4-0a95-0a61-456473f51cf4|1574352782
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
vary
Accept
set-cookie
i=f291b23d-1ce4-0a95-0a61-456473f51cf4|1574352782; Version=1; Expires=Fri, 20-Nov-2020 16:13:02 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352782|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:02 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:02 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame 6DD1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
vary
Accept
set-cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782; Version=1; Expires=Fri, 20-Nov-2020 16:13:02 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352782|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:02 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:02 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame 2A8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
vary
Accept
set-cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782; Version=1; Expires=Fri, 20-Nov-2020 16:13:02 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352782|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:02 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:02 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame 36A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
vary
Accept
set-cookie
i=25b4bfac-a637-0a0a-1711-20eed0c6dc3d|1574352782; Version=1; Expires=Fri, 20-Nov-2020 16:13:02 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352782|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:02 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:02 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
5cb74dcb4b194a0001f77ed6
api.vidiom.net/player/587dfc37febaab0002000001/ Frame DB7D 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidiom.net/player/587dfc37febaab0002000001/5cb74dcb4b194a0001f77ed6?aw=400&ah=300&sr_format=js&page_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&sub_id=monetizationId%3DJrd1t2B3sW9QvjgH0fR2vw%3D%3D%26domain%3Dwww.express.co.uk%26os%3DDesktop%26utm%3D%26spotId%3Dsp_9LMINbK9%26source%3Dpitc&param1=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&param2=sp_9LMINbK9&subid=monetizationId%3DJrd1t2B3sW9QvjgH0fR2vw%3D%3D%26domain%3Dwww.express.co.uk%26os%3DDesktop%26utm%3D%26spotId%3Dsp_9LMINbK9%26source%3Dpitc&ddomain=express.co.uk&domain=express.co.uk&sid=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&player_ver=bx_1252
Requested by
Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.78.160 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.78.201.35.bc.googleusercontent.com
Software
/
Resource Hash
cf322c1504cfa804e6742405efc332bb2ce19d13e4c962710ebfd8da437f2d5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:02 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 16:13:02 GMT
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
1890
via
1.1 google
expires
Tue, 03 Jul 2001 06:00:00 GMT
pixel
pix.spot.im/api/v1/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJzb3VyY2UiOiJwaXRjIiwidHlwZSI6ImVuZ2luZV9zdGF0dXMiLCJkb21haW4iOiJ3d3cuZXhwcmVzcy5jby51ayIsInVybCI6Imh0dHBzOi8vd3d3LmV4cHJlc3MuY28udWsvbGlmZS1zdHlsZS9zY2llbmNlLXRlY2hub2xvZ3kvMTIwNzAwMC9XaW5kb3dzLTEwLVVwZGF0ZS1SYW5zb213YXJlLURvLU5vdC1Eb3dubG9hZCIsInJlZmVycmVyIjoiaHR0cDovL3Noci5ncy9rV1FiejBSIiwibGFuZyI6ImVuLVVTIiwidGltZV9kZWx0YSI6MjUzNTEsInVpZCI6ImQwNDhiYWJjMmIxOWFhMTliZjEyN2FiZmI1YjMzYTNlIiwidmlzaXRfaWQiOiJjYWQwNTZhNTMzNGU0ZGJkYTVhNTRlMjg1NzAwODc1ZiIsImR1cmF0aW9uIjoxLCJpYl9icm93c2VyX2lkIjoiMzRjYjE0MmNiY2I5ODE4M2E4ZjdhOTc4MzQ1MmIxNGYiLCJwYWdlX3ZpZXdfaWQiOiI5MGE2OTFhNi0xMjQxLTRiMmMtODAyOC05YmZlYjE4OTFkOTQiLCJzcG90X2lkIjoic3BfOUxNSU5iSzkiLCJjb252ZXJzYXRpb25faWQiOiJzcF85TE1JTmJLOV8xMjA3MDAwIiwicm93IjoxLCJsYXlvdXQiOiJ2aWRlbyIsImluX3ZpZXciOiJvdXRzdHJlYW0iLCJlbmdpbmVfdmVuZG9yX25hbWUiOiJzciIsImVuZ2luZV90YWdfaWQiOiJ0YWdfa0xqcFUwR3pEMEhnIiwiZW5naW5lX3N0YXR1cyI6ImVuZ2luZS13aWxsLWluaXRpYWxpemUifQ%3D%3D&rnd=0.3019221736014348
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
x-spotim-device-uuid
undefined
x-spotim-page-view-id
90a691a6-1241-4b2c-8028-9bfeb1891d94
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:03 GMT
server
fasthttp
status
200
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
expires
Thu, 21 Nov 2019 16:13:03 GMT
cs.html
sdk.streamrail.com/mrail/200/ Frame F01A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sdk.streamrail.com/mrail/200/cs.html?tc=5cb74c624b194a0001f77d99&org=587dfc37febaab0002000001&sid=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&ip=89.38.96.190&domain=express.co.uk&pv=1252&sv=
Requested by
Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:800:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
sdk.streamrail.com
:scheme
https
:path
/mrail/200/cs.html?tc=5cb74c624b194a0001f77d99&org=587dfc37febaab0002000001&sid=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&ip=89.38.96.190&domain=express.co.uk&pv=1252&sv=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-type
text/html
content-length
247
last-modified
Sun, 03 Mar 2019 10:24:33 GMT
accept-ranges
bytes
server
AmazonS3
date
Thu, 21 Nov 2019 16:13:04 GMT
etag
"e9af93f10ca3d78d6ca9e54a5e4174c2"
cache-control
no-cache
x-cache
Hit from cloudfront
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
69OL0dF3CvSFOUYH0d-4TbHF9fFrxXyZP_80oUt9xzjnBo_GNHMSbA==
AdServerServlet
vid.pubmatic.com/AdServer/ Frame DB7D 		0
0
266251
search.spotxchange.com/vast/2.00/ Frame DB7D 		0
0
266458
search.spotxchange.com/vast/2.00/ Frame DB7D 		0
0
265327
search.spotxchange.com/vast/2.00/ Frame DB7D 		0
0
WGGvk3CF30m9wNZ+BAZTJyFR1XHLby71wYHFMqmw7busg9ZNuNt1y8dObTULPw7OGis+zxkolgSg63SWosWzAw==
ads.adaptv.advertising.com/a/h/ Frame DB7D 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/WGGvk3CF30m9wNZ+BAZTJyFR1XHLby71wYHFMqmw7busg9ZNuNt1y8dObTULPw7OGis+zxkolgSg63SWosWzAw==?cb=1574352783634&gdpr=&gdpr_consent=[GDPR_CONSENT]&pet=preroll&pageUrl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&eov=eov&scpid=1.0,1!spotim.market,266658,1,,,
Requested by
Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
9e1ed8c81f33bfd68d9d14c27d4901943cb6187c33eaea85d038b205bb548c83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1088
Expires
0
x
k.streamrail.com/ Frame DB7D 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k.streamrail.com/x?at=vpaid-js&s=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&mv=ae3_c6c&hh=vpaid-1psf&or=587dfc37febaab0002000001&d=express.co.uk&pi=5cb74dcb4b194a0001f77ed6&w=400&h=300&ps=medium&sam_js_ver=1919&si=monetizationId%3DJrd1t2B3sW9QvjgH0fR2vw%3D%3D%26domain%3Dwww.express.co.uk%26os%3DDesktop%26utm%3D%26spotId%3Dsp_9LMINbK9%26source%3Dpitc&l=1&en=d&bl=2041&tc=5cb74c624b194a0001f77d99&v=1252&pl=bx_1252&cc=SxA&ns=0&os=mac%20os%20x&ov=10.14.6&b=chrome&bv=78&ip=89.38.96.190&uc=0&wi=MD%2BjVMbjHk5HOj9UllW9wC8MTbWjILKy&dw=400&dh=300&ds=medium&ac=5&blf=3047&r1=87893e906a57fa2cf5febdb56fd66a07&ts=sJ6%2FPQ&p1=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&p2=sp_9LMINbK9&a=am&ca=adserver&lt=2&co=adsmanager&p=3147932905&rand=8049860470&dd=express.co.uk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.247.57 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
57.247.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:03 GMT
via
1.1 google
alt-svc
clear
tracking
hb.spotim.market/dfp/ Frame BC6A 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/dfp/tracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Server
VertaMedia 1.0
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
OPTIONS,GET,POST
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame E180 		0
0
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:03 GMT
Last-Modified
Thu, 21 Nov 2019 13:53:45 GMT
Server
Apache
ETag
"c52b07e749f7a09fa7b97b7e195e06ce:1574344639"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2326
aniview.js
player.aniview.com/script/6.1/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/70ada3f1dd19fad6fb00e261111f7902014589bb6b517a5e324719b35dc36e92
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:397::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7b9dbe28c785995567d541e2e84aa9c519008f08fafdaeb8490b9dd77b16f833

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:03 GMT
content-encoding
gzip
status
200
x-guploader-uploadid
AEnB2UqAi6gHhfsi60eunsFVkNCGxYE3XIsVVmumHauTi1N9jdOWmK3BDIYIQb7UF_BVROVWu7ruV_qLnY5DfzllPiMA9cqW8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7827
last-modified
Wed, 20 Nov 2019 15:14:17 GMT
server
UploadServer
etag
"a2cb1dc16ddc4f2cf604d9463528c12b"
vary
Accept-Encoding
x-goog-hash
crc32c=UjWb+w==, md5=ossdwW3cTyz2BNlGNSjBKw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1574262857746475
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
7827
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 21 Nov 2019 16:18:03 GMT
track
track.aniview.com/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.aniview.com/track?pid=511&cid=5c8a4bd2073ef4526121e5ca&e=playerLoaded&cb=1574352783792
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.198.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-214-198-125.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 42EE 		343 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:397::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa66bcf8bf7e634d7351aad8ccb3df4d760a7e6df505e1936d6360e7dd5cc72

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:03 GMT
content-encoding
gzip
status
200
x-guploader-uploadid
AEnB2Ur4Md9e2msrZmAxtq8dKCPaZCDMqDwi94bsjOpuBb2edaq6I2jDokfaQidrduojaYdJgHQrbKLHorKGDS6GrWUvvIsABg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
101744
last-modified
Wed, 20 Nov 2019 15:14:14 GMT
server
UploadServer
etag
"cdb383ed1b80a0a0c2f1c54703190a4c"
vary
Accept-Encoding
x-goog-hash
crc32c=J5juKQ==, md5=zbOD7RuAoKDC8cVHAxkKTA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1574262854771674
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101744
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 21 Nov 2019 16:18:03 GMT
track
track1.aniview.com/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&e=playerStarted&cb=1574352783843
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 42EE 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1&cd2=9549-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventory&vi=0&cb=1574352783897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/ Frame 42EE 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=511&AV_CDIM1=CR_1&AV_UID=405838df7f57a24d70b0a18d00a685b7&AV_CDIM2=9549-0&AV_CDIM3=5343407&AV_CDIM4=footer&AV_SCHAIN=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&AV_SECURED=true&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5c8a4bd2073ef4526121e5ca&AV_WIDTH=586&AV_HEIGHT=329&format=json&tgt=0&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.express.co.uk&AV_DADPOS=3&v=6.1.1.243&cb=1574352783896&cb=1574352783909
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.59.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-59-224.compute-1.amazonaws.com
Software
/
Resource Hash
b98f2ab1448dd8d6212b621f20cf2d5fa3485aeb758c17bdff330130729d42e9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 10 Nov 2019 02:26:24 GMT
track
track1.aniview.com/ Frame 42EE 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1&cd2=9549-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventoryRequest&cb=1574352783909
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
usync.html
eus.rubiconproject.com/ Frame C540 		0
0
AVmanager.js
player.aniview.com/script/6.1/ Frame DFCB 		343 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:397::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa66bcf8bf7e634d7351aad8ccb3df4d760a7e6df505e1936d6360e7dd5cc72

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
content-encoding
gzip
status
200
x-guploader-uploadid
AEnB2Ur4Md9e2msrZmAxtq8dKCPaZCDMqDwi94bsjOpuBb2edaq6I2jDokfaQidrduojaYdJgHQrbKLHorKGDS6GrWUvvIsABg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
101744
last-modified
Wed, 20 Nov 2019 15:14:14 GMT
server
UploadServer
etag
"cdb383ed1b80a0a0c2f1c54703190a4c"
vary
Accept-Encoding
x-goog-hash
crc32c=J5juKQ==, md5=zbOD7RuAoKDC8cVHAxkKTA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1574262854771674
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101744
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 21 Nov 2019 16:18:04 GMT
track
track1.aniview.com/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&e=playerStarted&cb=1574352783990
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame DFCB 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_4&cd2=no_abtest&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=330&he=185&test=3&apppkg=&fv=3&e=inventory&vi=0&cb=1574352784019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/3/ Frame DFCB 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/3/?AV_SUBID=511&AV_CDIM1=CR_4&AV_UID=5231f7503c1236b5e6dc98fc40a842c4&AV_CDIM2=no_abtest&AV_CDIM3=5343407&AV_CDIM4=footer&AV_SCHAIN=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&AV_SECURED=true&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5c8a4bd2073ef4526121e5ca&AV_WIDTH=330&AV_HEIGHT=185&format=json&tgt=0&AV_ABT=3&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.express.co.uk&AV_DADPOS=3&v=6.1.1.243&cb=1574352784019&cb=1574352784031
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.59.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-59-224.compute-1.amazonaws.com
Software
/
Resource Hash
a3d3e8720c364a816efa3e241edd3b537e83045bbe24c93019d9770319d22b1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 10 Nov 2019 02:26:24 GMT
track
track1.aniview.com/ Frame DFCB 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_4&cd2=no_abtest&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=330&he=185&test=3&apppkg=&fv=3&e=inventoryRequest&cb=1574352784031
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
outbrain-d.openx.net/v/1.0/ Frame 42EE 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352784582&nocache=1574352784585&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:04 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 42EE 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ Frame 42EE 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
avjp
outbrain-d.openx.net/v/1.0/ Frame 42EE 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352784592&nocache=1574352784592&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:04 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 42EE 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
video
fastlane-adv.rubiconproject.com/v1/auction/ Frame 42EE 		229 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane-adv.rubiconproject.com/v1/auction/video
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.99.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-99-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0910f4fb1486250f0894919e9d83df106185e0e63e70e4fc64f309378c3a2baa

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Nov 2019 16:13:07 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
229
X-Application-Context
application:default,prod:8080
263778
search.spotxchange.com/openrtb/2.3/dados/ Frame 42EE 		0
0
track
track1.aniview.com/ Frame 42EE 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.express.co.uk&rs=www.express.co.uk&sid=84650&t=1574352784&cip=89.38.96.190&sn=511&tgt=0&osv=10.14.6&bv=78.0&brn=Chrome&wi=586&he=329&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&uid=97adb0a7fdc82c8bb2a2d6cd5187212c&imid=d4d4820e8282f5a536432eab67f28580744216228641723159230&cb=71246798490&cd3=5343407&cd4=footer&cd1=CR_1&cd2=9549-0&nid=58a5addb28a0612d3529bc5e&ncid=5c8a4bd2073ef4526121e5ca&e=request&cb=1574352784597&asid=5d9ae9af28a06173e31e75e6%2C5d828f2828a0616fba1a132c%2C5d875f6628a0616a8c1f67eb%2C5da57f6928a0611a135b5906%2C5d529d7928a06149a912560d%2C5d09f63c28a06119b632a65b%2C5d41980e28a061697429ddd6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
outbrain-d.openx.net/v/1.0/ Frame DFCB 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352784602&nocache=1574352784603&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A330%2C%22h%22%3A185%7D%7D%5D%2C%22w%22%3A330%2C%22v%22%3A185%7D&auid=540871914&vwd=330&vht=185&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:04 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame DFCB 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
avjp
outbrain-d.openx.net/v/1.0/ Frame DFCB 		92 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352784605&nocache=1574352784605&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A330%2C%22h%22%3A185%7D%7D%5D%2C%22w%22%3A330%2C%22v%22%3A185%7D&auid=540871914&vwd=330&vht=185&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:04 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame DFCB 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
video
fastlane-adv.rubiconproject.com/v1/auction/ Frame DFCB 		228 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane-adv.rubiconproject.com/v1/auction/video
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.99.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-99-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
123790a837f8a955e9a88d379091ac92e542d7b36a8ba240f0b55d95bc0e1ed9

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Nov 2019 16:13:07 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
228
X-Application-Context
application:default,prod:8080
263778
search.spotxchange.com/openrtb/2.3/dados/ Frame DFCB 		0
0
track
track1.aniview.com/ Frame DFCB 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.express.co.uk&rs=www.express.co.uk&sid=80675&t=1574352784&cip=89.38.96.190&sn=511&tgt=0&osv=10.14.6&bv=78.0&brn=Chrome&wi=330&he=185&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=3&aafaid=&uid=97adb0a7fdc82c8bb2a2d6cd5187212c&imid=b97d85b4b7995f19b98f1948d565f4fa92799125157172316372&cb=62338346599&cd3=5343407&cd4=footer&cd1=CR_4&cd2=no_abtest&nid=58a5addb28a0612d3529bc5e&ncid=5c8a4bd2073ef4526121e5ca&e=request&cb=1574352784608&asid=5d9ae9af28a06173e31e75e6%2C5d875f6628a0616a8c1f67eb%2C5da57f6928a0611a135b5906%2C5d529d7928a06149a912560d%2C5d09f63c28a06119b632a65b%2C5d41980e28a061697429ddd6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pd
u.openx.net/w/1.0/ Frame F32A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
cookie
i=c56f809c-f09d-0a88-20d4-5bd9c21301a8|1574352784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
vary
Accept
set-cookie
i=c56f809c-f09d-0a88-20d4-5bd9c21301a8|1574352784; Version=1; Expires=Fri, 20-Nov-2020 16:13:04 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352784|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:04 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:04 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame F59C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
cookie
i=c56f809c-f09d-0a88-20d4-5bd9c21301a8|1574352784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
vary
Accept
set-cookie
i=c56f809c-f09d-0a88-20d4-5bd9c21301a8|1574352784; Version=1; Expires=Fri, 20-Nov-2020 16:13:04 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352784|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:04 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:04 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
multitracking
hb.spotim.market/adunit/ Frame BC6A 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:08 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
close
Content-Type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ Frame BC6A 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1466308998435056&correlator=442254092264479&output=ldjh&impl=fifs&adsid=NT&eid=21065176%2C21062415%2C21063203%2C21064169%2C21065098%2C21065178%2C370204053&vrg=2019111401&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A32776&sc=1&sfv=1-0-36&ecs=20191121&iu_parts=39694909%2CDBV%2CDBV-Express&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pitcSpotId%3Dsp_9LMINbK9%26excl_cat%3DPREPOST&eri=5&cookie_enabled=1&cdm=www.express.co.uk&bc=31&abxe=1&lmt=1574352784&dt=1574352784722&dlt=1574352782461&idt=199&ea=0&frm=23&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=425770342&ucis=yau9o7me6epu&ifi=1&ifk=2510357041&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=www.express.co.uk&loc=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&top=www.express.co.uk&dssz=11&icsg=2720&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=626842312.1574352785&ga_sid=1574352785&ga_hid=353206310&fws=260&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js?21065176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
05a33d6180cd3ff26639d3ccea18eda00ba4000fabe15e2b256034713231eca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4347
x-xss-protection
0
google-lineitem-id
4716717963
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138291075738
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.express.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111401.js
securepubads.g.doubleclick.net/gpt/ Frame BC6A 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js?21065176
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js?21065176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
19293620368e303e572701f2f16c940806c142dd00dcccb877b16dfcd6f59c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25152
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:13:04 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame BC6A 		0
0
x
k.streamrail.com/ Frame DB7D 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k.streamrail.com/x?at=vpaid-js&s=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&mv=ae3_c6c&hh=vpaid-1psf&or=587dfc37febaab0002000001&d=express.co.uk&pi=5cb74dcb4b194a0001f77ed6&w=400&h=300&ps=medium&sam_js_ver=1919&si=monetizationId%3DJrd1t2B3sW9QvjgH0fR2vw%3D%3D%26domain%3Dwww.express.co.uk%26os%3DDesktop%26utm%3D%26spotId%3Dsp_9LMINbK9%26source%3Dpitc&l=1&en=d&bl=2041&tc=5cb74c624b194a0001f77d99&v=1252&pl=bx_1252&cc=SxA&ns=0&os=mac%20os%20x&ov=10.14.6&b=chrome&bv=78&ip=89.38.96.190&uc=0&wi=MD%2BjVMbjHk5HOj9UllW9wC8MTbWjILKy&dw=400&dh=300&ds=medium&ac=5&blf=3047&r1=87893e906a57fa2cf5febdb56fd66a07&ts=sJ6%2FPQ&p1=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&p2=sp_9LMINbK9&a=bid&t=1&tl=5&ai=5d7f474bd177f3000108ea7a&fb=true&bs=NXLxU8O3Fko&bqi=1017&r=5&as=vpaid%20js&ca=adserver&lt=1756&co=adsmanager&p=2205568585&rand=1813548607&dd=express.co.uk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.247.57 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
57.247.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:04 GMT
via
1.1 google
alt-svc
clear
sync
ups.analytics.yahoo.com/ups/57304/ Frame 42EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e&verify=true
0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDBiSE-eq8KEP_zw6gRKqHA&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 42EE 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-content-type-options
nosniff
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
m7y5t93k
sync-tm.everesttech.net/ct/upi/pid/ Frame 42EE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAKY4QTvh
85 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAKY4QTvh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:07 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
1784
x-cache
HIT
content-type
image/png
status
200
cache-control
no-cache
x-cache-hits
11637
accept-ranges
bytes
x-timer
S1574352787.006634,VS0,VE0
content-length
85
x-served-by
cache-hhn4035-HHN

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1574352787.794269,VS0,VE190
location
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAKY4QTvh
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
status
302
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
access-control-allow-origin
*
x-served-by
cache-hhn4035-HHN
sync
pixel.advertising.com/ups/55953/ Frame 42EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-60-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:05 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:05 GMT
x-aspnet-version
4.0.30319
location
https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
sync
ups.analytics.yahoo.com/ups/57304/ Frame DFCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a&verify=true
0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPDv1MhgDrNw6zUs0Hp2Q6w&google_cver=1&apid=UPcd324091-0c79-11ea-8b1d-061a16b2633a&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame DFCB 		43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-content-type-options
nosniff
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync.adaptv.advertising.com/ Frame DFCB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAHicnn6l
  • https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=Xda3kgAAAHicnn6l&_test=Xda3kgAAAHicnn6l
  • https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=Xda3kgAAAHicnn6l&_test=Xda3kgAAAHicnn6l
0
0
sync
pixel.advertising.com/ups/55953/ Frame DFCB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-60-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:05 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:05 GMT
x-aspnet-version
4.0.30319
location
https://pixel.advertising.com/ups/55953/sync?uid=b1cd176c-31a8-4d95-a9a4-c058dc23cbde&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=b1cd176c-31a8-4d95-a9a4-c058dc23cbde
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame BC6A 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js?21065176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3190
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Thu, 21 Nov 2019 15:19:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 15:19:54 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame D9BB 		200 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js?21065176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3190
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55611
x-xss-protection
0
server
sffe
date
Thu, 21 Nov 2019 15:19:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c4309c2c9fce1d"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 15:19:54 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame D9BB 		151 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js?21065176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3190
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41358
x-xss-protection
0
server
sffe
date
Thu, 21 Nov 2019 15:19:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ed96f4a845755c74"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 15:19:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC6A 		0
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1466308998435056&r=300x250&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17502092347414212004
tpc.googlesyndication.com/simgad/ Frame D9BB 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17502092347414212004
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
028cca5c318919e76ead4ae8bf559c2c37dcd87a2b61152c52a1359b4ab2b792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:54:25 GMT
x-content-type-options
nosniff
age
127119
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10547
x-xss-protection
0
last-modified
Thu, 17 Oct 2019 09:24:10 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:54:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9BB 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGGDOGdjNgeThxYkFKtfDoM6j_P9EAgjFq8I_moI_iyGnL8JmGwGnfS6j3bn4kWkjEqKAisxufrUChVIJlnBgf04UbHVz4_o6NCTLS06zcSyoAmUNQsxozMWt8E3X74JV5Ci2Juq6diZkdhmLQQ4sicu0ehYftt0pPAQR5dT7ZI0opPIVFlki3MgYHcIoh46Tdoygnf64r0EflJ6Lzm69QOMJ-Sq6eA_xcLj6xzgE_ykryqh-GRfHUQoPaheTdT5aTyp57pgbW&sai=AMfl-YTzW1T4I1qwFDs_tM3o-ATiGVupKDgA4m-ISZ2FfD5n8zWPJG9s4MIcZWAP7GM1pw8DHK2CwpjCF3F7XIU3PjxB9eGe7AiRmtJsatVnrA&sig=Cg0ArKJSzCqJmQ2gQCLxEAE&adurl=
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Nov 2019 16:13:04 GMT
truncated
/ Frame D9BB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed9927d598ead8ab38037b59724ba218a64fcd36e68c14a3bd85f9fc46d5e71

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3191
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Thu, 21 Nov 2019 15:19:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 15:19:54 GMT
x
k.streamrail.com/ Frame DB7D 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k.streamrail.com/x?at=vpaid-js&s=cb3621c0-0c79-11ea-b58d-8f1c0bf10514&mv=ae3_c6c&hh=vpaid-1psf&or=587dfc37febaab0002000001&d=express.co.uk&pi=5cb74dcb4b194a0001f77ed6&w=400&h=300&ps=medium&sam_js_ver=1919&si=monetizationId%3DJrd1t2B3sW9QvjgH0fR2vw%3D%3D%26domain%3Dwww.express.co.uk%26os%3DDesktop%26utm%3D%26spotId%3Dsp_9LMINbK9%26source%3Dpitc&l=1&en=d&bl=2041&tc=5cb74c624b194a0001f77d99&v=1252&pl=bx_1252&cc=SxA&ns=0&os=mac%20os%20x&ov=10.14.6&b=chrome&bv=78&ip=89.38.96.190&uc=0&wi=MD%2BjVMbjHk5HOj9UllW9wC8MTbWjILKy&dw=400&dh=300&ds=medium&ac=5&blf=3047&r1=87893e906a57fa2cf5febdb56fd66a07&ts=sJ6%2FPQ&p1=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&p2=sp_9LMINbK9&a=win&t=1&tl=5&ai=5d7f474bd177f3000108ea7a&fb=true&bs=NXLxU8O3Fko&bqi=1017&r=5&as=vpaid%20js&ca=adserver&lt=2091&co=adsmanager&p=87034281&rand=4136852467&dd=express.co.uk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.247.57 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
57.247.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:05 GMT
via
1.1 google
alt-svc
clear
17502092347414212004
tpc.googlesyndication.com/simgad/ Frame D9BB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17502092347414212004
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
028cca5c318919e76ead4ae8bf559c2c37dcd87a2b61152c52a1359b4ab2b792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:54:25 GMT
x-content-type-options
nosniff
age
127120
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10547
x-xss-protection
0
last-modified
Thu, 17 Oct 2019 09:24:10 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:54:25 GMT
o2shim
acds.prod.vidible.tv/ Frame 709F 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250361&orgId=21364&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&vrid=58d8697c-b540-4558-8b7f-53624712ceac&pblob=
Requested by
Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.72.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-72-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66a7e608b6eca95be5ad0174751753d0bf31730b41a024f65c5076ce05a6e499

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Content-Encoding
gzip
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET, HEAD, PUT, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
6615
tracking
hb.spotim.market/dfp/ Frame BC6A 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/dfp/tracking
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
content-type
application/json

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:05 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/ Frame 709F 		334 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250361&orgId=21364&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&vrid=58d8697c-b540-4558-8b7f-53624712ceac&pblob=
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
8249feb820a2d806c3692f7685f34da717b381903c78b4f98a8e70407da77eaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 20 Nov 2019 07:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117362
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
109523
x-amz-id-2
0tebF03L6FjtQWRtAQTJftzgLg6nf4qQhuotyTEsTcPiGPOHShtXRA1SWf2Awai5pQYNDZeZ8ls=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Oct 2019 12:31:07 GMT
server
ATS
etag
"419ebdf1ac96e356e9c79652cfdd1e0f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
CE762DA8A853AD09
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 709F 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5909e7c27cdce053ec937ebe&s=true&pv=10.1.21&ifr=true&cb=0.8988198982150728&pt=o2unit&sid=4194a2f6-ecc4-4303-b57d-f47602dc3674&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.135.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-135-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Nov 2019 16:13:05 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695.js
dtm.advertising.com/ Frame 709F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DA2) /
Resource Hash
1586e2588cce8f05ba9f9819634bc63725efbd798a1fcd995b9ae5fdff09e568

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:05 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 17:58:05 GMT
server
ECAcc (lha/8DA2)
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-length
1122
expires
Thu, 21 Nov 2019 16:43:05 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ Frame 709F 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae8dd8617d923f0098d9278754faf1693030212d957544608a5ccf7f51c88079

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2017 15:04:46 GMT
Server
AmazonS3
x-amz-request-id
E1F2041D41AFF9D3
ETag
"b464a76f8a9370e63ef6d538d84c7ef7"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=34335
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44278
x-amz-id-2
eH0+SVxltUxojjvhhuHfTJbcj/Q01Wr5cv5XitULV8BgZoppzeWC4tRFp1RMQ6RgP/Q5avVTZhY=
local-storage.html
cdn.vidible.tv/prod/player/ad-time/ Frame 8E6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vidible.tv/prod/player/ad-time/local-storage.html
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.vidible.tv
:scheme
https
:path
/prod/player/ad-time/local-storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
x-amz-id-2
Vpdv4ikU+mGBzWj97+R9O6qZxhoFbDhvigCfaF39Uw9me+2TSr5K1yNAvr83MKtj3QKP6jVDYkY=
x-amz-request-id
B8EFF3A1D655C6DB
date
Tue, 19 Nov 2019 08:47:00 GMT
last-modified
Thu, 07 Nov 2019 17:11:25 GMT
etag
"3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption
AES256
x-amz-version-id
null
accept-ranges
bytes
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
cache-control
max-age=1209600
age
199566
ats-carp-promotion
1
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
content-length
557
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
WGGvk3CF30m9wNZ+BAZTJyFR1XHLby71wYHFMqmw7busg9ZNuNt1y8dObTULPw7OGis+zxkolgSg63SWosWzAw==
ads.adaptv.advertising.com/a/h/ Frame 709F 		249 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/WGGvk3CF30m9wNZ+BAZTJyFR1XHLby71wYHFMqmw7busg9ZNuNt1y8dObTULPw7OGis+zxkolgSg63SWosWzAw==?cb=1574352783634&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&eov=eov&scpid=1.0,1!spotim.market,266658,1,,,&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=0&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=-1&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=http%3A%2F%2Fshr.gs%2FkWQbz0R&width=0
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.express.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
192
Expires
0
display.gif
trk.vidible.tv/trk/ Frame 709F 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=5909e7c27cdce053ec937ebe&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&s=true&sid=4194a2f6-ecc4-4303-b57d-f47602dc3674&vvuid=4a8ca9cf-dcf8-47b9-8ea5-8ba394e655be&orgId=21364&plcid=1250361&vrid=58d8697c-b540-4558-8b7f-53624712ceac&ab=0&dt=128&h=0&spaceid=793604934&w=0&cb=0.8001902143113491
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.135.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-135-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Nov 2019 16:13:05 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame 709F 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=5909e7c27cdce053ec937ebe&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&s=true&sid=4194a2f6-ecc4-4303-b57d-f47602dc3674&vvuid=4a8ca9cf-dcf8-47b9-8ea5-8ba394e655be&orgId=21364&plcid=1250361&vrid=58d8697c-b540-4558-8b7f-53624712ceac&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.3335300367304037
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.135.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-135-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Nov 2019 16:13:05 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 709F 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5909e7c27cdce053ec937ebe&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&s=true&sid=4194a2f6-ecc4-4303-b57d-f47602dc3674&vvuid=4a8ca9cf-dcf8-47b9-8ea5-8ba394e655be&orgId=21364&plcid=1250361&vrid=58d8697c-b540-4558-8b7f-53624712ceac&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.7531623064788782
Requested by
Host: www.express.co.uk
URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.135.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-135-109.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Nov 2019 16:13:05 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695
dtm.advertising.com/ids/ Frame 3F79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dtm.advertising.com/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
Requested by
Host: dtm.advertising.com
URL: https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D3E) /
Resource Hash

Request headers

:method
GET
:authority
dtm.advertising.com
:scheme
https
:path
/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
content-encoding
gzip
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2019 16:13:05 GMT
expires
Thu, 21 Nov 2019 16:43:05 GMT
last-modified
Mon, 28 Oct 2019 05:11:02 GMT
server
ECAcc (lha/8D3E)
vary
Accept-Encoding
x-cache
HIT
content-length
3393
pixel.gif
px.moatads.com/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1574352785722&de=840372942017&d=199%3A-%3A-%3A-&bo=express.co.uk&bd=express.co.uk&f=0&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Nov 2019 16:13:05 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 21 Nov 2019 16:13:05 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 709F 		0
0
tracking
hb.spotim.market/dfp/ Frame BC6A 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/dfp/tracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.express.co.uk
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 21 Nov 2019 16:13:05 GMT
Server
VertaMedia 1.0
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
OPTIONS,GET,POST
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
0
tracking
hb.spotim.market/dfp/ Frame BC6A 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/dfp/tracking
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
content-type
application/json

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Date
Thu, 21 Nov 2019 16:13:06 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
avjp
outbrain-d.openx.net/v/1.0/ Frame 15CD 		92 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=ca71d5a5-aef9-420c-a1ab-daaa1e3edba1&nocache=1574352786258&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4161 		141 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.133.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-133-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5212f9687cf572b210468c14133092db1185579b44752948650acc2dd4e26e3b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
149
expires
0
avjp
outbrain-d.openx.net/v/1.0/ Frame EFAD 		92 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=ed7bc9a4-b559-4694-976e-00fa165ef0c6&nocache=1574352786270&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BAA8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64985
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame F625 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
cookie
i=24b57d09-e54d-4647-b468-33317f8c7f06|1574352786
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
vary
Accept
set-cookie
i=24b57d09-e54d-4647-b468-33317f8c7f06|1574352786; Version=1; Expires=Fri, 20-Nov-2020 16:13:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352786|mOgikimWiygu; Version=1; Expires=Fri, 06-Dec-2019 16:13:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:06 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame 1C90 		0
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 6B80 		343 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:397::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa66bcf8bf7e634d7351aad8ccb3df4d760a7e6df505e1936d6360e7dd5cc72

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:06 GMT
content-encoding
gzip
status
200
x-guploader-uploadid
AEnB2Ur4Md9e2msrZmAxtq8dKCPaZCDMqDwi94bsjOpuBb2edaq6I2jDokfaQidrduojaYdJgHQrbKLHorKGDS6GrWUvvIsABg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
101744
last-modified
Wed, 20 Nov 2019 15:14:14 GMT
server
UploadServer
etag
"cdb383ed1b80a0a0c2f1c54703190a4c"
vary
Accept-Encoding
x-goog-hash
crc32c=J5juKQ==, md5=zbOD7RuAoKDC8cVHAxkKTA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1574262854771674
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101744
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 21 Nov 2019 16:18:06 GMT
track
track1.aniview.com/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&e=playerStarted&cb=1574352786461
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 6B80 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1%23SFD_STP_9&cd2=9549-0-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventory&vi=0&cb=1574352786501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/ Frame 6B80 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=511&AV_CDIM1=CR_1%23SFD_STP_9&AV_UID=0abd0d83306e39f1f2a01f4dedfaf0d8&AV_CDIM2=9549-0-0&AV_CDIM3=5343407&AV_CDIM4=footer&AV_SCHAIN=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&AV_SECURED=true&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5c8a4bd2073ef4526121e5ca&AV_WIDTH=586&AV_HEIGHT=329&format=json&tgt=0&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.express.co.uk&AV_DADPOS=3&v=6.1.1.243&cb=1574352786500&cb=1574352786513
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.59.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-59-224.compute-1.amazonaws.com
Software
/
Resource Hash
384297a37e490452c11385acae5fdc088c097d171c9dea15cd8dfb14886bcbc5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:06 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 10 Nov 2019 02:26:26 GMT
track
track1.aniview.com/ Frame 6B80 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1%23SFD_STP_9&cd2=9549-0-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventoryRequest&cb=1574352786513
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
outbrain-d.openx.net/v/1.0/ Frame 6B80 		92 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352786643&nocache=1574352786644&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6B80 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
avjp
outbrain-d.openx.net/v/1.0/ Frame 6B80 		92 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352786646&nocache=1574352786646&schain=1.0%2C1!outbrain.com%2C00a237eb80c88a206da40f6a4d1713f55a%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6B80 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
video
fastlane-adv.rubiconproject.com/v1/auction/ Frame 6B80 		228 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane-adv.rubiconproject.com/v1/auction/video
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.99.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-99-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
828e6e42052453e106e9dad83d4f5c5c0346df0de711cc52879f697c9e6bc5e1

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Nov 2019 16:13:07 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
228
X-Application-Context
application:default,prod:8080
263778
search.spotxchange.com/openrtb/2.3/dados/ Frame 6B80 		0
0
track
track1.aniview.com/ Frame 6B80 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.express.co.uk&rs=www.express.co.uk&sid=73198&t=1574352786&cip=89.38.96.190&sn=511&tgt=0&osv=10.14.6&bv=78.0&brn=Chrome&wi=586&he=329&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&uid=97adb0a7fdc82c8bb2a2d6cd5187212c&imid=55896507d6eed1989e53aefc9d818ccb666220449751723163188&cb=12714620261&cd3=5343407&cd4=footer&cd1=CR_1%23SFD_STP_9&cd2=9549-0-0&nid=58a5addb28a0612d3529bc5e&ncid=5c8a4bd2073ef4526121e5ca&e=request&cb=1574352786650&asid=5d9ae9af28a06173e31e75e6%2C5d875f6628a0616a8c1f67eb%2C5da57f6928a0611a135b5906%2C5d529d7928a06149a912560d%2C5d09f63c28a06119b632a65b%2C5d41980e28a061697429ddd6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pd
u.openx.net/w/1.0/ Frame F36C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
cookie
i=24b57d09-e54d-4647-b468-33317f8c7f06|1574352786; pd=v2|1574352786|mOgikimWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
vary
Accept
set-cookie
i=24b57d09-e54d-4647-b468-33317f8c7f06|1574352786; Version=1; Expires=Fri, 20-Nov-2020 16:13:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352786|kimWfcgqiysLgemOgun0oagi; Version=1; Expires=Fri, 06-Dec-2019 16:13:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:06 GMT
content-type
text/html
content-length
468
via
1.1 google
alt-svc
clear
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 6B80 		43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-content-type-options
nosniff
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
m7y5t93k
sync-tm.everesttech.net/ct/upi/pid/ Frame 6B80
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAEhpzgxi
85 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAEhpzgxi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:07 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
1784
x-cache
HIT
content-type
image/png
status
200
cache-control
no-cache
x-cache-hits
11636
accept-ranges
bytes
x-timer
S1574352787.006617,VS0,VE0
content-length
85
x-served-by
cache-hhn4035-HHN

Redirect headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:06 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1574352787.794264,VS0,VE190
location
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=Xda3kgAAAEhpzgxi
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
status
302
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
access-control-allow-origin
*
x-served-by
cache-hhn4035-HHN
sync
ups.analytics.yahoo.com/ups/57304/ Frame 6B80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMtaU_y-4GSNvY0KvlMVR6g&google_cver=1&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 6B80
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&apid=UPcd30b9fa-0c79-11ea...
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
204
date
Thu, 21 Nov 2019 16:13:07 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 21 Nov 2019 16:13:06 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7f345b1c-7ac1-44eb-8b3a-985e4a0bb2af&apid=UPcd30b9fa-0c79-11ea-b3b4-024295d6aa7e
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
270443_3428.json
player.spotim.market/prebid/ Frame BC6A 		39 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebid/270443_3428.json?cb=1574352787585.2068
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
720bd5ef127029de95693dbecc491866c1b1ff33ee014d4e2907c2a2b1f399c7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:07 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 11:13:16 GMT
server
nginx
etag
W/"5dd6714c-9de8"
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
expires
Thu, 21 Nov 2019 16:18:07 GMT
cache-control
max-age=300
x-proxy-cache
HIT
usync.html
eus.rubiconproject.com/ Frame 7128 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64984
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set beacon
ap.lijit.com/ Frame 3271
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=
  • https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=&dnr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=&dnr=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Cookie
ljt_reader=66e67dba15faac682f5b8090
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
nginx
Date
Thu, 21 Nov 2019 16:13:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Application-Context
application:prod:9080
Set-Cookie
tpro_inst=9052F7A55F11D4A565D7425F1D0520E7;Path=/;Domain=.lijit.com;Expires=Fri, 20-Nov-2020 16:13:07 GMT;Max-Age=31536000 tpro=eJxlUNtqxCAU%2FBefQzhGze03um%2BliBiTCEYXsymUJf%2Fe48m2FOrTuYxzZubJ0mN1mY1PFh5%2Bc2zkqpNCNV3fVWxLk7bpiA8cY%2Fcf8Ony7lNkI2tqYGfFsptdzj4ub85ku95c3nY2vn9U7J7T7IMrl3y0aaOKA%2Bh7OBACdYN8AnQLP00LGvfU9RUDLajmPZ6xKQS3EMVvCbUY8KmKLdlMercrwRUAIFlMkTBSIqZQLC5Ol%2FHZbSZcy0LQotNXX%2F6CLLaMvY6Zw5YF6nnlBjVgNGbO2mzU4crs3kRqUMzq9zvVbdG9%2BjBlFwtXTHSiB%2BCo78tRCJKjOoFIc7njvRaSIiiyB0xI84boitauwQnHUUejor54FUrLgQIp%2Bjs0pP7EjKa4kud5fgOPCond;Path=/;Domain=.lijit.com;Expires=Fri, 20-Nov-2020 16:13:07 GMT;Max-Age=31536000 ljtrtb_refresh=false;Path=/;Domain=.lijit.com;Expires=Mon, 25-Nov-2019 16:13:07 GMT;Max-Age=345600 ljtrtbexp=eJxdkDkOgDAMBP%2BSmgI7Pvka4u%2BRoCFTjtaetXwPGZd4uofOymPojhE7TyDihE3OnQ16gy%2FhE8x3d2ECG8XGRg5j4YIy%2FAO5o08%2FNpstb477NP%2F8LGBOSNk%3D;Path=/;Domain=.lijit.com;Expires=Fri, 20-Nov-2020 16:13:07 GMT;Max-Age=31536000
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

Server
nginx
Date
Thu, 21 Nov 2019 16:13:07 GMT
Content-Length
0
X-Application-Context
application:prod:9080
Set-Cookie
ljt_reader=66e67dba15faac682f5b8090;Path=/;Domain=.lijit.com;Expires=Fri, 20-Nov-2020 16:13:07 GMT;Max-Age=31536000
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13399841&gdpr_consent=&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 87B2 		0
0
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1C9A 		0
0
usync.html
eus.rubiconproject.com/ Frame 53F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64984
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64984
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
avjp
outbrain-d.openx.net/v/1.0/ Frame D50F 		92 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=0bd3662b-aa89-4eb7-bb6d-7e2980e7d93b&nocache=1574352787877&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:07 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame DFC1 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2F&jr=http%3A%2F%2Fshr.gs%2FkWQbz0R&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=479b3a2c-8494-45d8-91fd-554825640d3a&nocache=1574352787885&x_gdpr_f=1&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&auid=540792896&vwd=586&vht=329&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:07 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 04E1 		141 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.133.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-133-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
be0592804b4e0e9a92b6576f6749afb29d972d39e113a789186ee51bc55d1971

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Origin
https://www.express.co.uk
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:07 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
147
expires
0
usync.html
eus.rubiconproject.com/ Frame 4CA8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64984
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7795 		0
0
pd
u.openx.net/w/1.0/ Frame CF72 		0
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 7152 		343 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:397::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa66bcf8bf7e634d7351aad8ccb3df4d760a7e6df505e1936d6360e7dd5cc72

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:08 GMT
content-encoding
gzip
status
200
x-guploader-uploadid
AEnB2Ur4Md9e2msrZmAxtq8dKCPaZCDMqDwi94bsjOpuBb2edaq6I2jDokfaQidrduojaYdJgHQrbKLHorKGDS6GrWUvvIsABg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
101744
last-modified
Wed, 20 Nov 2019 15:14:14 GMT
server
UploadServer
etag
"cdb383ed1b80a0a0c2f1c54703190a4c"
vary
Accept-Encoding
x-goog-hash
crc32c=J5juKQ==, md5=zbOD7RuAoKDC8cVHAxkKTA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1574262854771674
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101744
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 21 Nov 2019 16:18:08 GMT
track
track1.aniview.com/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&e=playerStarted&cb=1574352787994
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.html
eus.rubiconproject.com/ Frame 7CB7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64983
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
track
track1.aniview.com/ Frame 7152 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1%23SFD_STP_11&cd2=9549-0-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventory&vi=0&cb=1574352788082
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/ Frame 7152 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=511&AV_CDIM1=CR_1%23SFD_STP_11&AV_UID=2edba73094774c4f29bf8e908c5a8ea7&AV_CDIM2=9549-0-0&AV_CDIM3=5343407&AV_CDIM4=footer&AV_SCHAIN=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&AV_SECURED=true&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5c8a4bd2073ef4526121e5ca&AV_WIDTH=586&AV_HEIGHT=329&format=json&tgt=0&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.express.co.uk&AV_DADPOS=3&v=6.1.1.243&cb=1574352788081&cb=1574352788095
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.59.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-215-59-224.compute-1.amazonaws.com
Software
/
Resource Hash
6ba50745b0bff04b35830084f9e5d1e4afc2b303d5619767d64424daabb936bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

date
Thu, 21 Nov 2019 16:13:08 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.express.co.uk
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 10 Nov 2019 02:26:28 GMT
track
track1.aniview.com/ Frame 7152 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=58a5addb28a0612d3529bc5e&cid=5c8a4bd2073ef4526121e5ca&r=www.express.co.uk&sn=511&cd1=CR_1%23SFD_STP_11&cd2=9549-0-0&cd3=5343407&cd4=footer&ic=0&tgt=0&app=&wi=586&he=329&test=&apppkg=&fv=3&e=inventoryRequest&cb=1574352788095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
tt.onthe.io/ 		0
0
avjp
outbrain-d.openx.net/v/1.0/ Frame 7152 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352788231&nocache=1574352788232&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:08 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 7152 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
avjp
outbrain-d.openx.net/v/1.0/ Frame 7152 		92 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&jr=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=0x0&be=1&bc=hb_pb_2.1.9&dddid=1574352788235&nocache=1574352788235&schain=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A586%2C%22h%22%3A329%7D%7D%5D%2C%22w%22%3A586%2C%22v%22%3A329%7D&auid=540871914&vwd=586&vht=329&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 16:13:08 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.express.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 7152 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.21.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-21-7.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Server
adaptv/1.0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
video
fastlane-adv.rubiconproject.com/v1/auction/ Frame 7152 		229 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane-adv.rubiconproject.com/v1/auction/video
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.99.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-99-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0ad8a81c3b4715fb7a01f8b25cc4a259ce78bcd701e8ddcd2cfccfb2f83e023c

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Origin
https://www.express.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Nov 2019 16:13:08 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.express.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
229
X-Application-Context
application:default,prod:8080
263778
search.spotxchange.com/openrtb/2.3/dados/ Frame 7152 		0
0
track
track1.aniview.com/ Frame 7152 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.express.co.uk&rs=www.express.co.uk&sid=48466&t=1574352788&cip=89.38.96.190&sn=511&tgt=0&osv=10.14.6&bv=78.0&brn=Chrome&wi=586&he=329&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&uid=97adb0a7fdc82c8bb2a2d6cd5187212c&imid=efede00fe7a54daa523bad96943ae921938743632901723159230&cb=81554065807&cd3=5343407&cd4=footer&cd1=CR_1%23SFD_STP_11&cd2=9549-0-0&nid=58a5addb28a0612d3529bc5e&ncid=5c8a4bd2073ef4526121e5ca&e=request&cb=1574352788238&asid=5d9ae9af28a06173e31e75e6%2C5d875f6628a0616a8c1f67eb%2C5da57f6928a0611a135b5906%2C5d529d7928a06149a912560d%2C5d09f63c28a06119b632a65b%2C5d41980e28a061697429ddd6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.13.75 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-13-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Thu, 21 Nov 2019 16:13:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 7152 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 16:13:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-content-type-options
nosniff
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 7152 		0
0
sync
pixel.advertising.com/ups/57304/ Frame 7152
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESECYznXnNGeCq_Nc0IM0QLtE&google_cver=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESECYznXnNGeCq_Nc0IM0QLtE&google_cver=1&verify=true
0
0
sync
pixel.advertising.com/ups/55953/ Frame 7152
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=6cc449b9-7d77-4303-8d22-74289895e2cf&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=6cc449b9-7d77-4303-8d22-74289895e2cf
0
0
usync.html
eus.rubiconproject.com/ Frame 2198 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64983
Expires
Fri, 22 Nov 2019 10:16:11 GMT
Date
Thu, 21 Nov 2019 16:13:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5F63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download
accept-encoding
gzip, deflate, br
cookie
i=ff0b5783-82d2-047a-1118-aa8c67af9eea|1574352787; pd=v2|1574352788|mOgikimWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Response headers

status
200
vary
Accept
set-cookie
i=ff0b5783-82d2-047a-1118-aa8c67af9eea|1574352787; Version=1; Expires=Fri, 20-Nov-2020 16:13:08 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574352788|kimWfcgqiysLgemOgun0oagi; Version=1; Expires=Fri, 06-Dec-2019 16:13:08 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2019 16:13:08 GMT
content-type
text/html
content-length
468
via
1.1 google
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=vgS1m8RM4P9hcsD6XGGtZHZi&bidId=97edd9cf9b1098&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.39.0-pre&strVersion=3.1.0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22express.co.uk%22%2C%22sid%22%3A%22266658%22%2C%22hp%22%3A1%7D%5D%7D&
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1434862&size_id=15&rf=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&tk_flint=pbjs_lite_v2.39.0-pre&x_source.tid=3418b373-9e60-419b-8e3c-796e9cc502c2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4670660373622566
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&rf=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&tk_flint=pbjs_lite_v2.39.0-pre&x_source.tid=3418b373-9e60-419b-8e3c-796e9cc502c2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9391941327685414
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/cygnus?s=410390&v=7.2&r=%7B%22id%22%3A%221367dd1f7b8a083%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214eee11d94456d3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22410390%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22157fc185edfb874%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631526&adId=2449018&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+7&sec=1&gdpr=&gdpr_consent=&schain=1.0,1!spotim.market,266658,1,,,&kadpageurl=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/vast/2.00/266251?VPAID=JS&content_page_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&cb=1574352783937&player_width=400&player_height=300&ip_addr=89.38.96.190&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.97%20Safari%2F537.36&schain=1.0,1!spotim.market,266658,1,,,
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/vast/2.00/266458?VPAID=JS&content_page_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&cb=1574352783138&player_width=400&player_height=300&ip_addr=89.38.96.190&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.97%20Safari%2F537.36&schain=1.0,1!spotim.market,266658,1,,,
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/vast/2.00/265327?VPAID=JS&content_page_url=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&cb=1574352783005&player_width=400&player_height=300&ip_addr=89.38.96.190&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.97%20Safari%2F537.36&schain=1.0,1!spotim.market,266658,1,,,
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/263778
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/263778
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=Xda3kgAAAHicnn6l&_test=Xda3kgAAAHicnn6l
Domain
trk.vidible.tv
URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5909e7c27cdce053ec937ebe&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.express.co.uk%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download&s=true&sid=4194a2f6-ecc4-4303-b57d-f47602dc3674&vvuid=4a8ca9cf-dcf8-47b9-8ea5-8ba394e655be&orgId=21364&plcid=1250361&vrid=58d8697c-b540-4558-8b7f-53624712ceac&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=147&ar=no&fo=0&ft=0&h=0&cb=0.9349751310440184
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/pd
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/263778
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/showad.js
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/pd
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/pd
Domain
tt.onthe.io
URL
https://tt.onthe.io/?k[]=41764:time[url:%2Flife-style%2Fscience-technology%2F1207000%2FWindows-10-Update-Ransomware-Do-Not-Download,cdn_version:97]&s=632ae8d6a623792c016809f53c694b47&1574352788163
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/263778
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/57304/sync?uid=CAESECYznXnNGeCq_Nc0IM0QLtE&google_cver=1&verify=true
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55953/sync?uid=6cc449b9-7d77-4303-8d22-74289895e2cf&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=6cc449b9-7d77-4303-8d22-74289895e2cf

Verdicts & Comments Add Verdict or Comment

374 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| event object| onformdata object| onpointerrawupdate function| dynViewport object| googletag string| CMPUI_URL object| dataLayer function| $ function| jQuery string| __cmpEnv function| __cmp object| ExpressApp function| tmpl object| lz object| utag_data string| gs_channels function| grapeshotInit object| _sf_async_config function| getIsIrisSupported object| lotamePid function| extractPid function| noop object| d object| e object| indexExchangeV2 string| IndexHTversion function| getWidth function| isMobile function| isNotDesktop object| slotsArray object| wtHBSettings boolean| toggle_for_google_surveys function| setUpAgknTag string| ChannelName boolean| showPageSkinFallback object| _comscore object| gigya object| expressoOptions string| expressoScriptSrc number| gvl string| GoogleAnalyticsObject function| ga function| webpackJsonp_spotim_702388420 function| setImmediate function| clearImmediate object| SPOTIMInternals object| __core-js_shared__ object| $$SPOTIM_DEBUG$$ function| _spotim_fn number| SECTION_ID string| WEBROOT string| GA_PREPEND string| SECURE_LOGIN_URL boolean| showAdverts function| check_for_pii function| redirect_if_pii string| asyncGpt object| gptadslots function| ISMScreenRes string| currentUrl object| gptadtags object| amznApsPromise function| UUIDv1 function| clamp object| STR undefined| UUID object| Audit object| _io_config function| getCookie string| REFERRER string| cookielaw boolean| returning_visitor object| __io boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| videojsLoscore function| videojsFlash object| videojsFlashlsSourceHandler object| videojsHttpStreaming function| videojsProxyTracks function| videojsPerSourceBehaviors function| videojsSeekEvents function| videojsContextmenu function| videojsContextmenuUi function| videojsPlayerInfo function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSocial object| videojsIma3 function| nsIma3Plugin object| CustomPlayer function| wtAdTracer object| ns_ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| WebVTT boolean| irisLibraryLoaded boolean| irisLibraryPending object| pendingRequests function| loadPendingRequests function| bc string| brightcoveBrandsafety object| OBR string| OB_releaseVer function| OBR$ object| outbrain object| outbrain_rater object| wtStream object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _cb_shared object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| google_tag_manager object| __SPOTIM__ string| __SPOTIM_PAGE_VIEW_ID__ boolean| utag_condload object| utag function| udm_ object| ns_p object| COMSCORE function| pbjsChunk object| pbjs object| core function| cygnus_index_parse_res function| index_render function| headertag_render object| cygnus_index_args object| wtHBAnalyticsEvents function| wtHBRegisterPlayer object| _IndexRequestData function| cygnus_index_ready_state function| webpackJsonp_spotim_283688472 boolean| SpotImMessagesCountScriptRun string| _io_uniques_holing_params object| vttjs object| act object| globalsharebuttons object| showShareBarUI_params object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| _x_19 function| _extends function| _typeof function| LazyLoad object| ll object| jQuery1113018577232085557238 function| withinviewport function| addToHomescreen boolean| DEBUGMODE function| relatedVideosModal function| amazonProducts string| headerbgcolor object| InskinControls function| storeGigyaComment object| twttr object| socketCluster object| ObservedSections object| breakingNews function| utag_add_event boolean| relatedRailGlobal boolean| sideRailGlobal function| initializeIrisPlugin object| _cbm string| state object| __onetag object| __connect object| irisInstances object| iris number| google_srt object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| closure_lm_459643 undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state object| resolver string| btnImg object| commentIco object| base function| bindCustomEvent object| expressoLoadingTimeout function| initExpresso function| isReady function| loadAssets function| loadExpresso function| makeUrl function| onPreferencesPage object| to3 object| Expresso boolean| isSafari object| closure_lm_22507 boolean| CLOSURE_NO_DEPS object| SpotX number| triesCount function| adjustLayout number| adjustInterval object| SPOTIM object| headertag object| Criteo object| rubicontag function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| params string| queryString boolean| Moat#EVA object| MoatContent object| DigiTrust object| gig_pc_facebook_1574352759002_7274930915779079 object| gig_pc_linkedin_1574352759002_14330921381759998 string| sovrn_beacon_tid function| resetCarousel function| mobileCarousel function| setUpShowMore function| setUpAccordians object| Hogan object| base1 object| base10 object| base11 object| base2 object| base3 object| base4 object| base5 object| base6 object| base7 object| base8 object| base9 function| extend function| hasProp function| bind function| indexOf object| templates function| dispatchFakeEvent function| _ object| Backbone object| Mustache object| jquery_easyXDM function| Spinner object| toastr object| expressoUser object| widgetView object| scCGSHMRCache object| regeneratorRuntime object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired number| bannerContainerWidth object| msgData object| criteo_pubtag function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| __unrulyPageLoadId object| $iframe string| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ function| __SPOTIM_DISABLE_ADS__ object| OB_PROXY string| VIDGET_VERSION function| OB_VidgetServiceCallBack number| vidgetServiceInstance function| OB_VidgetServiceCallBack0 object| OB_VIDGET number| unruly:native-ad:nativeAdLoadedTimes function| OB_VidgetAuditCallback object| teadsscript object| teads object| unruly object| vdz function| doAddFallback function| webpackJsonpbkcqv4w1pj2 object| platform object| vidazoo object| Vidiazoo object| SR_NS object| streamlytics object| PLAYER_SIZE function| SR function| sr_player_cb_cb2fe030-0c79-11ea-9032-b907516bd5c9 function| avPlayer object| storageAni object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP undefined| moatApiInit1574352785593 object| Moat#G26 object| MoatSuperV26

7 Cookies

Domain/Path Name / Value
.express.co.uk/ Name: _gat
Value: 1
www.express.co.uk/ Name: GED_PLAYLIST_ACTIVITY
Value: W3sidSI6IklVL0QiLCJ0c2wiOjE1NzQzNTI3ODAsIm52IjowLCJ1cHQiOjE1NzQzNTI3NTcsImx0IjoxNTc0MzUyNzU3fV0.
www.express.co.uk/ Name: __io_first_source
Value: shr.gs
www.express.co.uk/ Name: __io
Value: 00c651812.c50326d4c_1574352778196
.express.co.uk/ Name: __io_session_id
Value: 03afa58cd.fac79278d_1574352778197
www.express.co.uk/ Name: __io_lv
Value: 1574352778195
www.express.co.uk/ Name: __io_r
Value: shr.gs

95 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1024 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 95 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 95 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1008 ) consented: false
console-api log URL: https://www.spot.im/embed/modules/launcher/bundle.js?module=messages-count(Line 6)
Message:
Spot.IM Launcher version 4.0.125-fed.conversation-ScbAAJca.0 deployed at Fri Jun 15 2018 16:24:49 GMT+0000 (UTC)
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 95 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1023 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1023 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1023 ) consented: false
console-api info URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 14)
Message:
[GDPR] Init
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: Play middleware has been registered with videojs
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: TypeError: Cannot read property 'getItem' of null
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
Plugin Version: [Adaptive: v1.13.4]
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; registering to player's loadstart event @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; listening for the adplaying event @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; registered to fix hidden ads @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; hiding vjs-dock-shelf @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:775820)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; detach click event for delegateClick @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:775930)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; re-define delegateClick @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:776017)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; re-attach delegateClick @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:776586)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Player started, consent given? No @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; setting ima3 plugin options [object Object] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
VIDEOJS: Setting up IMA middleware
console-api log URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
[ConfigProvider] production
console-api log URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
[ConfigProvider] production
console-api log URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
[ConfigProvider] production
console-api log URL: https://app-cdn.spot.im/modules/messages-count/3.3.435/bundle.js(Line 1)
Message:
Spot.IM Messges Count Module version 3.3.435 deployed at Mon Mar 12 2018 16:26:56 GMT+0000 (UTC)
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1023 ) consented: false
console-api log URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1)
Message:
[IRIS.TV][Info]: *** Iris Adaptive Plugin version 2.0.14 ***
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1023 ) consented: false
console-api info URL: https://cdn.images.express.co.uk/theme/Responsive/js/dist/app-init20191121.min.js(Line 14)
Message:
[GDPR] Checking vendor ( 1001 ) consented: false
console-api info URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 12)
Message:
[GDPR] set non personalized ads
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 64)
Message:
add spot comment counter
console-api debug URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
Track [object Object]
console-api log URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
options: [object Object]
console-api log URL: https://launcher.spot.im/spot/sp_9LMINbK9(Line 1)
Message:
events collector data we log: [object Object]
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; player loadstart triggered @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; player's container: [object HTMLDivElement] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Wrapping video container @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Checking for default embed and fixing containers @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Adding classes to existing containers @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; [object HTMLDivElement] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Adding headline @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Adding headline to [object HTMLDivElement] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; Putting mediainfo data into headline @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; loadstart finished, player customized @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:774279)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; playerTags computers,microsoft,technology,upgrade,windows 10 @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; playerBrandsafety 3 @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; gs_channels bespoke_home_headlines,pos_danone_brandsafety_family,pos_danone_brandsafety_fitness,pos_danone_brandsafety_health,pos_danone_brandsafety_misc,pos_danone_brandsafety_society,pos_omg_blacklist,pos_sky_blacklist,pos_test_death,gs_tech_computing,gv_crime,shadow9hu7_pos_tuibrandsafe,blacklist_nestle,pr_blackfriday_cybermonday,negative_asda_medical,core_media_brand_safety_misc,hurricane_irma @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; skipAds false @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; custParams [object Object] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; irisId: ucsH @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; iris params [object Object] @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; dfp https://pubads.g.doubleclick.net/gampad/ads?sz=640x360&url=[referrer_url]&description_url=[wt_page_url]&correlator=[timestamp]&duration={mediainfo.duration}&cust_params=tags%3Dctp_video%2CWindows%2010%20Update%2CWindows%2010%20Upgrade%2CWindows%2010%20New%20Features%2CWindows%2010%20Ransomware%2Ccomputers%2Cmicrosoft%2Ctechnology%2Cupgrade%2Cwindows%2010%26articleid%3D1207000%26vidIndex%3D1%26gs_cat%3Dbespoke_home_headlines%2Cpos_danone_brandsafety_family%2Cpos_danone_brandsafety_fitness%2Cpos_danone_brandsafety_health%2Cpos_danone_brandsafety_misc%2Cpos_danone_brandsafety_society%2Cpos_omg_blacklist%2Cpos_sky_blacklist%2Cpos_test_death%2Cgs_tech_computing%2Cgv_crime%2Cshadow9hu7_pos_tuibrandsafe%2Cblacklist_nestle%2Cpr_blackfriday_cybermonday%2Cnegative_asda_medical%2Ccore_media_brand_safety_misc%2Churricane_irma%26plId%3DBrightcove%7CWeb%7CCTP%26gdpr%3D1%26safetymeta%3D3%26section%3DLife%20%26%20Style%26subSection%3DTech&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&hl=en&npa=1&iu=/34722903/Express/Express_ClickToPlay @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; resolve dfpUrl deferred in loadstart @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api log URL: https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js(Line 1)
Message:
%c[NS Brightcove Player] background: #a314e5; color: #fff; calls wtatPlayer.sendData @ https://players.brightcove.net/2540076170001/VLKU4hbDPX_default/index.min.js:1:756938)
console-api error URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js(Line 1)
Message:
CMP Error: pubvendors.json references vendor id 293 which does not exist in the Global Vendor List
console-api error URL: https://cdn.images.express.co.uk/cmp-19.4.4/dx/cmpui.js(Line 1)
Message:
CMP Error: pubvendors.json references vendor id 309 which does not exist in the Global Vendor List
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 103)
Message:
delayscroll
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 104)
Message:
superbanner
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 107)
Message:
resize
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 104)
Message:
superbanner
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 105)
Message:
dothesticky
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 105)
Message:
doing sticky at 0
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 105)
Message:
1
console-api debug URL: https://static-cdn.spot.im/production/pitc-ab-tester/pitc-ab-tester-bundle-e57da06ea75d4c9b6fe8.js(Line 8)
Message:
Track [object Object]
console-api log URL: https://static-cdn.spot.im/production/popular-in-the-community/popular-in-the-community-bundle-1c394e7b45d3769f38a5.js(Line 36)
Message:
[ConfigProvider] production
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 107)
Message:
StartTheClock
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 107)
Message:
timeSinceWindowLoad is 0
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.95.js(Line 32)
Message:
a: 0.0029296875ms
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.vidazoo.com/basev/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 107)
Message:
StartTheClock
console-api log URL: https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download(Line 107)
Message:
timeSinceWindowLoad is 0
console-api log URL: https://rumcdn.geoedge.be/grumi-ip.js(Line 1)
Message:
Q29tZSB3b3JrIHdpdGggdXMhIFkzWXVjMlZqZFhKcGRIa3VkR1ZoYlVCblpXOWxaR2RsTG1OdmJR
console-api error URL: https://player.spotim.market/prebid/wrapper_hb_270443_3428.js?cb=18221(Line 1)
Message:
localStorage unavailable
console-api warning URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://player.spotim.market/prebid/hb_270443_3428.js?cb=18222(Line 1)
Message:
Winner adid undefined
console-api info URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411)
Message:
Powered by AMP ⚡ HTML – Version 1911070201440 https://www.express.co.uk/life-style/science-technology/1207000/Windows-10-Update-Ransomware-Do-Not-Download

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
acds.prod.vidible.tv
ads.adaptv.advertising.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aka.spotxcdn.com
analytics.twitter.com
ap.lijit.com
api-2-0.spot.im
api-gw.spot.im
api.iris.tv
api.vidiom.net
app-cdn.spot.im
as-sec.casalemedia.com
bcp.crwdcntrl.net
beacon.s-onetag.com
bis.vidazoo.com
brightcove.northernandshell.co.uk
btlr.sharethrough.com
c2.u5c93.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.digitru.st
cdn.images.express.co.uk
cdn.my.northernandshell.co.uk
cdn.onthe.io
cdn.vidible.tv
cdn.watchingthat.net
cdns.eu1.gigya.com
cdns.gigya.com
cdns2.gigya.com
cdns3.gigya.com
cf-images.eu-west-1.prod.boltdns.net
cm.g.doubleclick.net
cmp.teads.mgr.consensu.org
consent.cmp.oath.com
d.agkn.com
d2q1qtsl33ql2r.cloudfront.net
dfp-gateway.s-onetag.com
dt.adsafeprotected.com
dtm.advertising.com
dynamic-cdn.spot.im
edge.api.brightcove.com
eus.rubiconproject.com
events-collector.spot.im
f1.media.brightcove.com
fastlane-adv.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
google.com
googleads.g.doubleclick.net
graph.facebook.com
hb.spotim.market
hbopenbid.pubmatic.com
httpsak-a.akamaihd.net
ib.adnxs.com
images.outbrainimg.com
images.spot.im
imasdk.googleapis.com
inventory.vidazoo.com
js-sec.indexww.com
js.agkn.com
js.spotx.tv
k.streamrail.com
launcher.spot.im
libs.outbrain.com
log.outbrainimg.com
mab.chartbeat.com
match.adsrvr.org
mcdp-chidc2.outbrain.com
metrics-collector.s-onetag.com
metrics.brightcove.com
mv.outbrain.com
native.sharethrough.com
observe.aniview.com
odb.outbrain.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
outbrain-d.openx.net
ovp.iris.tv
p.cpx.to
pagead2.googlesyndication.com
ping.chartbeat.net
pix.spot.im
pixel.adsafeprotected.com
pixel.advertising.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
players.brightcove.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
publisher-assets.spot.im
px.moatads.com
recirculation.spot.im
rumcdn.geoedge.be
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
sdk.streamrail.com
search.spotxchange.com
secure.brightcove.com
securepubads.g.doubleclick.net
server.vidazoo.com
service.cmp.oath.com
shr.gs
spotops.spot.im
ssum.casalemedia.com
static-cdn.spot.im
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.vidazoo.com
stats.g.doubleclick.net
stats3.unrulymedia.com
sync-tm.everesttech.net
sync.adaptv.advertising.com
sync.search.spotxchange.com
sync.spotim.market
sync.teads.tv
t.co
t.teads.tv
tags.tiqcdn.com
targeting.unrulymedia.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
track.aniview.com
track1.aniview.com
trinitymirror.grapeshot.co.uk
trk.vidible.tv
tt.onthe.io
u.openx.net
ups.analytics.yahoo.com
vap5ams1.lijit.com
vid.pubmatic.com
video.unrulymedia.com
videoclientsservicescalls.outbrain.com
vjs.zencdn.net
widgets.outbrain.com
www.express.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.spot.im
z.moatads.com
acdn.adnxs.com
ads.pubmatic.com
as-sec.casalemedia.com
btlr.sharethrough.com
eus.rubiconproject.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
pixel.advertising.com
search.spotxchange.com
sync-tm.everesttech.net
sync.adaptv.advertising.com
tpc.googlesyndication.com
trk.vidible.tv
tt.onthe.io
u.openx.net
vid.pubmatic.com
104.111.230.142
104.124.133.20
104.244.37.20
104.244.42.195
104.244.42.5
107.178.247.57
13.224.192.221
13.224.196.124
13.224.196.146
13.224.196.40
13.225.78.9
13.248.136.134
142.93.164.216
143.204.101.6
143.204.101.62
143.204.97.127
143.204.98.117
148.64.56.194
151.101.112.157
151.101.114.2
151.101.114.49
151.101.14.2
151.101.14.27
151.139.128.10
152.199.23.177
152.199.23.241
159.180.84.2
172.217.16.130
172.217.22.34
178.250.0.130
18.195.99.26
18.197.135.109
18.214.198.125
185.33.223.208
185.94.180.123
185.94.180.125
185.94.180.128
199.166.0.26
199.166.0.32
2.16.186.16
2.16.186.17
2.16.186.19
2.16.186.27
2.16.186.32
2.16.186.33
2.16.186.35
2.16.186.9
2.18.232.7
209.197.3.63
213.174.135.1
216.52.2.48
216.58.207.34
23.227.137.155
2600:9000:2043:c400:5:9a4c:9b00:93a1
2600:9000:20eb:fa00:15:d134:4e40:93a1
2600:9000:2156:3200:19:fc2c:a140:93a1
2600:9000:2156:a000:5:ae3a:ba00:93a1
2600:9000:2156:d800:15:efbc:e300:93a1
2600:9000:21f3:1200:e:515c:9940:93a1
2600:9000:21f3:1800:4:b37b:9440:93a1
2600:9000:21f3:2400:a:52eb:a100:93a1
2600:9000:21f3:800:c:492d:cd80:93a1
2600:9000:21f3:9800:18:1fcd:349:ca21
2600:9000:21f3:ac00:7:8699:e840:93a1
2600:9000:21f3:f400:1f:287:d20a:ce1
2600:9000:21f3:fe00:1d:b722:f80:93a1
2606:2800:135:155a:23ba:b2a:25ff:122d
2606:2800:234:59:254c:406:2366:268c
2a00:1288:110:c305::8000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:815::2001
2a00:1450:4001:816::2002
2a00:1450:4001:816::200a
2a00:1450:4001:818::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a00:1450:4001:824::2006
2a00:1450:4001:825::200a
2a00:1450:400c:c08::9d
2a02:26f0:10c:397::2c79
2a02:26f0:10c:39b::2c92
2a03:2880:f01c:800e:face:b00c:0:2
2a04:4e42:1b::729
2a04:4e42:3::714
2a05:f500:10:101::b93f:9101
3.215.59.224
3.218.200.53
3.224.13.75
34.224.137.133
34.236.27.247
34.243.121.135
34.250.25.159
34.95.120.147
35.158.60.52
35.201.78.160
35.244.232.184
50.31.142.63
52.210.72.48
52.217.39.110
52.28.21.7
52.49.16.186
52.58.133.90
52.58.41.129
54.165.42.51
54.246.172.91
54.72.189.67
54.86.129.194
62.149.0.72
63.32.23.112
64.202.112.127
64.202.112.31
64.74.101.79
69.16.175.10
69.16.175.42
72.247.224.133
72.247.225.110
72.247.225.159
72.247.225.182
72.247.225.215
72.247.225.32
72.247.225.98
72.247.226.107
72.247.226.64
88.99.5.37
000c9b5f6b151793eb9cdea83f3e6b1b98529f87917a7018ca880b4126fe55e5
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
010a899a1d6dfa6e43aa93da9771bbadc7d3e03c57fab8632927dce80ff052a2
01c2e9085db5c5a741a6264764dc3c0e0689b9c5a5b955ba09a07ab6358b8f93
028cca5c318919e76ead4ae8bf559c2c37dcd87a2b61152c52a1359b4ab2b792
029774867da65181bbb235527790df5d67d29f732db0cdb4cc6393335606d3d4
02c851ded2dc8888229b1dd5ecb987d3596f6749985280095bbb598c2bc722ae
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
05a33d6180cd3ff26639d3ccea18eda00ba4000fabe15e2b256034713231eca2
05d89a841cb88d2bb5e6de14d30b6c0e71a0f8951d0fd73904cd5cf767b300ab
06c14672684f33cc86da5a83b017a0339f4e1f25bc33e370bb9d355dfc0f80f4
072013f8289424eaea2a286a164cceeeb1c15038901cfd2c43eaeedbd4439f38
073899583d7d08709cacbbe3308293db7ebbfc59fc5d9d2a79620cad9ca24d59
0783ae719787f5c2ddfa6a6da4bf6118bb5eca847da66e9f99a61c31cdf68482
0910f4fb1486250f0894919e9d83df106185e0e63e70e4fc64f309378c3a2baa
0ad8a81c3b4715fb7a01f8b25cc4a259ce78bcd701e8ddcd2cfccfb2f83e023c
0e7327f64b2520e722a288671cc8e975c73e62ccfabdd04a40e301036397b66f
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
0fc2159485ac7d7159330dd52c143f4569ac349507e8ada36e298d09c47a8f16
0fe5d2c22cdc8c40ff73d008cf62e37b3562ce56c31045590c29236f5cb5090c
1056b2e0c8ec8a1c0cb2607ccdcf36e65d3bf2a79743e6e757076f7ed04fca5f
109542980c848150011121fa6d77adfcc90c968282db39f9d7846a43153f96a7
11c2a935a5453887aaf8d73e4b82bce853345bca3e240d670ca018693a6319d6
123790a837f8a955e9a88d379091ac92e542d7b36a8ba240f0b55d95bc0e1ed9
12943be72bc8364363630060423b7717d7fe4a0c1de5fcaaa67ed1a624417be4
12f44c13b4c354151a29c98ced217e546657f4fbe668c4d51e2eabc6653fc064
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc
14a28375aee482e8aac8079689e6c143a10a34a52a6ecb60d8b2fffb492fda3d
15457c88927f058b379d16b3a3d1200cfb4bdbc61cea108c76ac66aef0334e39
1586e2588cce8f05ba9f9819634bc63725efbd798a1fcd995b9ae5fdff09e568
15b54d408557488fd7cc7fc3c6240046813d492b9d2b936a0bee8b8fe1597853
166d02f7ebbcb4180ed07fdbd62bf7591409acd77882eba24b18026f2a3404ba
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
169599aac5aa11450ce476acea731c7688a69cf2fac67a218d511a947b97fd96
1736daaeadfccedf08c180425fc810c77ff528696691940d49a27545cc0ea6e9
1748a106aac15f3bf5c54191ca758c644ce07d25ff682209e7aa167e98541b4a
185a31bd91984517ce195abcaebf07c9872aff7e2b881218b35ba277669b1402
18d224bb28692ee8b1f6415513ff417143e9a5ddc5d7a52e0c233304bf246308
190d9f8c18f5fc92ad2f29f95bd5e0fb0ea273718a5ee61fd418537180e0dfbb
19293620368e303e572701f2f16c940806c142dd00dcccb877b16dfcd6f59c6c
195356f66f29ff1d50d006f6c859de0c3d24bf5c3b8e62f6acd78f6ef84cc820
19f6cd03771ec6205cf92aca5fdab1ca31d6aed2815a89ed9356f5d5d3e8b8cb
1b03be18e07e94ff40f413fd0a41d6f374b0d3df44e951baa53295099e2c3642
1c925d301ad8ab1c335bd096b9c622a8b76df99212f6fdee2b1f0591fc84458a
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1e794399af60ec6300017e12e37a6b7a8253a9ff05ef41ca5e42b76dced02ef4
1ed9927d598ead8ab38037b59724ba218a64fcd36e68c14a3bd85f9fc46d5e71
1ee6e5bd0cb84577bbcc4b8db73073b1a43a68e4881355e70cdfcb8268f151c9
225e2a41aded3958785bad8a90877272246e1e78f672019cfa2f1ffd95e514f2
23092a418e9b2fc4800f0018543c42cb9bb7392662ebd10ab4980125ecf2f4d4
23e64ec440d9f52441fca56e2740ba5856d9068994263594764e70ab03cc4a82
246d861f062b7371dbe74ca8f82a70cda272128b37c1c681a72a980aae18e49a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2539ef22c97f8a2e1f7f0bcd07bbeb7043e7adaa8e14f41fd3443abc6c30ea48
26ca840c9d02b5b4c1013bf1e2371ff3e04dea1fb2dc7b60cc7d21345359938d
2758c030ad0e7492643f4ca4a7f7f6b4c633e1010707b3afe4742ebf72a7020d
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
27a9c7ee83442d9b3416d89bd87e70017a6a6b9050be95d8c2e70a71bc7937b7
2839f324b6f42b0d816cef3cc1614dffd394c4aa7ab250a32c00e2d050184157
284b4de0e96bd0ca2dc776d8380a81598b650e85d035c0c3b066db657279e1e4
2934e2624848a8ac02958e538f34197f66bdd9800244a94d2945bba7caadafde
2a3eb37c92ba5a7c2683e9e188859326a45c87e4cbf73ca3361fa43bdb12c32a
2bbb26e002b9ab7fa2fae8c9769fdc86dcdd53817db4a0ac552a5f3489f865b7
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c8d118499ff0b745a9e661ba50e4383ba10ef4ea71ac38ac89376ae060d5589
2db1636a03ded06c126389ec4c994bc6f2c675ddab40d4b5c6fd9467dd65b5bc
2dd90b626433f5bc2964f77a8466002ada9cfb46a5fca0e394e2b386df7dcdd3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f37e0581124ddb9831784e56dd61bf654f59c92f42868492147346eba3f3809
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f627430a4a3a8695b47660a7fd041948349b8b74410f369479f069f437dfbf1
2f85bbe02e047ef3fa0e949e0adca742668a7130b0a456f8f842bf2cf422d814
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
327f01ac5f92e7ccabcb54fa03ee98eab899e454ec1fd2fc1cb806878eed437e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34133edb2eaa0672c9ce1ec0d4ce25876d6764fe5851ccb25b0c2d825c326e9b
35a645b45441c92532ede683748cf99a90b6624b074e9a6813fdc82576797776
37b82ea78d7eb3d814ea0efcaa541be57c0a5334035b24296b70fcd589ce8da1
384297a37e490452c11385acae5fdc088c097d171c9dea15cd8dfb14886bcbc5
393f296ee2b386d941e99eefe70a3ad421772bd8e16b01157405ae3d059b8cc4
39453acf38633fef6a20f92762ff85bb57eadd4c95ec44b3aa032748f88f1275
399e323389749e64d11e95c7c6838826479430ea88acfe28ce6ee7b9947143a8
39a2c2c07937d3b55bb855ed20afe3d6c577a7e69ad3b7c4f61058b8fed7eed6
3a00dc84cfaab933a300dbbc8efb0e56cba895a16295fb26c96951face5b86e7
3a819ebf9c72c6bc403110067ad8b8cac0deb61d84c0bd4b48aeba78b7410791
3b0279812eb54bc321b3b11fcfdd21360f264236c7259bbdee7d124d8bd78674
3b03c7119e991547a41b6aed2f482746c7c5d36a6840b7c470c291b9ccead342
3ce5b1565a4bf0fae35d657a4ef0d9050269fdcec32cefb33361f075772ce490
3d8ae5f39bb06a36e9e68c73275fa25087417f05128f3db72782c6122e5c930f
3daa5bb872615c3ba820d165f18734b915db9bc86e826019a9bc0bdf809376db
3deda9c4104de2f32ed217f4ed0f2a7543c5f2b963fda7f9d20090eedb2432b1
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e
41c0e89a0b78f268ae115f927ec0958050365600934514d3de59d1db37092759
4224e10bdeb1f864418374e6ad5ad4a94a7f1b3d656d19067c76df09e6ff227c
425b4571e6867d9dafc15a9dd1e45eef3fe89229a9628f2d128fa92efceeaa97
43bef92a11c181c58a749bb89b09d5635c9290a2652cc3ea8e34f5c588582535
442f3bc52c51fe692a4842a07ec5492839ade1b64a5c3435c07741886087f0fc
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2
46446e08c694ab843d14b281d43845ae2c21a2a3a312363a5dd7575fd2f77853
46f6f250c349f2c386754d2dcfcc2e7bd41766f6aec587d2a0e21f823584ec01
48522e7229ed1d7a2a00beaa225a86edcbd5c67e3e09ac3600417579fc932451
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e568073a900787fc46710900fe2556d4a6c7c7469ca1da96def7e8585e032b2
4eb38fb30f4223025a1a2129eeb6900e4083ab14b34deef2c3679b8e5c4d6577
4ebfe84c95f49e5111baa764f6ce4f5b78a77af101a28f477bf2544905549e5d
5066f06db75f2b7aee03cc901283f143e4bb1bc9e82c3c80a93e6be77d08a556
50c9da7657e618d11781a8e9d692626776623bcc6aa816cb4f4f70796e16b99f
50d7cea7f74df30e660306c5e40a9e390c5c471488ade8940a20efc43794d553
51ecd90ee6904a0a5af8404484d755d173e758766b5c84f55e298f7e551a010b
5212f9687cf572b210468c14133092db1185579b44752948650acc2dd4e26e3b
525d9a774c9ad29cc72d901904dd05cab5ea6c7ca8c06f46b91195ef5127e864
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556b0bf80a8bef680124ff8e63b24f0fb920e52b03cbc88780d525bebf716b02
55a85852f4569ca6186fc753e723c4f5dd10bff8530b7a0c8ddff306564d6832
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56960f4c104c694f4d3bccba0e66565e962f2c6c069a1d0e016d5b740cc3414b
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a9e5188b6ca8f49f6e0a216522281b4e2cdb1830a7112be895f6c3705a7a3dc
5aefa925c6e7bae2a0adea40573ca5f7c47244a30451566e79cbe650e55d213f
5af10812b4e416cbf0067a044a1e342dcecf5e0a3170b0d432578b4906757383
5bfb8ad6d8d501fd1e8f6bf2fd61e315735bf56cc94ab79911ea0a0019916aa9
5cdd7c1fdbd3d989a5b456b75ab464e994b635babea2181997ab3eafe9aab4b2
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5ed732b5d2f28ce82c767635e4363476e232174dfacfe80c91775e36cd80ace3
5ef1553e8a4417202af95d6d9336d6112ccf87f466eebff01313369cd20ca72d
5ef68f00ee373a2138326e1eda9e2ea1a6c8d301965699d67c82ccdb753ae7e5
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
5fb3612eff43b581b97b4ca8d65be1e7897ff0b214b74c74398c20a757c85ab7
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
61711b6297f30992d3228bef8fc4b698cbb74b75c7d01b6ded0ffbc24b057779
6206969259a92a3949d51603f3b68ffe1430534309ee658d0598edc9461ebd8a
620be3054be218c20226bbfc27c42976258d51e31f5f33a12cb7a7f0a91071f5
62db28a1bb060affb755dec16a9fc7a50eb484f4f087fd3682d37c87b597a095
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
635eb7149aea502ca1ef78530e72e2baa05e2cdcda7270e0b08f8bfd48eed6f4
6396254f84fb3d13839ea5a1f8f2037c8a2c1357274bad33d122b05aa488340e
66a7e608b6eca95be5ad0174751753d0bf31730b41a024f65c5076ce05a6e499
672b80a698beb28b65cb676989e2a93d9a722b3aa3a421ef5c532861b3681e1d
67c13e041a1b1a64655fbfc6a845bfeea399c4f3dddaacfe8a592101abdb69a0
6893bc326beb26f9d6152d1a7479f457f5af57f66d99936938026368ca2e5710
6a081ef7a0f9d9ad92b6044730ec86ac2e3c9bfe9853fa7bc2c36e0f85bcc942
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b24e003006d3d34590fc878133e800757de97630081cf4366a22cad498d0505
6ba50745b0bff04b35830084f9e5d1e4afc2b303d5619767d64424daabb936bf
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d5ffb7a6865f92384727ce1ebf6f65e928617a718ed26e1cba400001a7ff952
6f55a5dc4a864122259790ca861842fa67dd29f310bc180ec6c20b0919896c1d
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
70a054db0f1fa8a0b2398f9583f737b84a62f7b5704a1a94722d6e08f745bf3a
71a1e2ed870b560f3557ed3006ee1b4e8e1e05f3798d56e142bb615f3188212b
71d204579737c43e617e798ef5b5e92bbdd9efae13956cfd1717878a8773dc28
720bd5ef127029de95693dbecc491866c1b1ff33ee014d4e2907c2a2b1f399c7
7286b781e94d84e8da08d2ca157255ad70cda39f0158d91859e575891db24255
73af65c1e5b508c2579327df5a38c69b31c04297ee49cd98c9ea2820a5674352
743144e63b0f5786769c9cbf9d8b0afc06a5a872cb58af6bf59d56cf3a21f7f3
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7909c48029292a928e993e588fb9f466ebd8aefe25a0f6aa13d9f3fe92c385c2
791ce2df32893b6a98e7f88420bfd401968e28222ff2277e4224356204f636d3
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
7a9a44a6ded7317780cda764f8ed8dbe43041e0cfaaa1f4f2edc0e16dcde8543
7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f
7b9dbe28c785995567d541e2e84aa9c519008f08fafdaeb8490b9dd77b16f833
7bf768d3116e08098b795ad649f3b120d9ec79c48bae971ecee2855e28390277
7cbbcb3bd888776b93da7e45c406322c6b133ada80f53b8143bc785171c14485
7f4f04aece4a6edee5810ddc886f74fd58acf9bb807db384784e199e221f68ac
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
80992822e1018adfecbd2514d78978daa06a0873768df43e5ce866a8804579a0
817c5232700935d6da93c0b25abdd1ee327a1d4fc6e9457c7b34648373ca2b55
821983e4d7f83a1290af82e00f554f9e27efa6689a5102f751b7105befb75aaf
8249feb820a2d806c3692f7685f34da717b381903c78b4f98a8e70407da77eaf
828e6e42052453e106e9dad83d4f5c5c0346df0de711cc52879f697c9e6bc5e1
82e92136be291488f0755e572386d60e2e945ca1eb54d55703c5aaa5560b3336
832576858d837e252a4c6eeb3e927750eba3ecbed375a99e047a26b2b3a17503
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
874ce89fe959deb46939037d3f5c17fecddada9e22a6027bfecd7d46983ed292
880a8c1eb7358564c4ec64bc7cc0aa734896055b8132cc2a43c9a14d1892cc21
8aa66bcf8bf7e634d7351aad8ccb3df4d760a7e6df505e1936d6360e7dd5cc72
8d80f87c0ab65461ab708db543e6554276a3eb1c1e21eaafae717af2d7c4fe9b
8e91957b3c50d1374f1db1c5a24172c85ce002c3cf1a47a9525cc99554d79d9b
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe
8f0f1121fb3c207a48c2e8ec7576cb847da48f7c9c5d3ae27b6aaf4794d10dee
8f51414c30b3370577599ded959cf31abe64c2245101f155d94157059420138e
90eab2c47655ab739354140cb3da51d1f8540a230cf60714d54fcd435bef17fe
90f425d5708d77990962ec71b5e2a15ea371c08ed1e54f62a264eee98c22d156
9174c07f970ba7944bf1e17f96c8a6ab70c3e559a6c006e41a88a40ba9b83bf0
91c32f175c6d7fb7a817de6a8e01ef83edd639012475c954906eb173ae1961f5
91fd13d213ef266cb4fccdda1fdf5deacd3a06a2b0fc92a9239561e55032bf11
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95c84c9434b9a53d11b1f194a692128d3880476c2a9462f4b528d1edddcdfd67
97fd6306f1eff71df1dd22be4c91ee679d4d9fb08f6453e7c691552c88e27c92
9914c6a28492ebba4139c205c8cd6c748d81d725fb20dd64826f2c2ee6320e70
9a5f751768fc13fc0def36ae104772a86cc4af4d031ec70951819f89cbed13f6
9b5bdc94dbed24c6244fd1e64df2231dc2e121df6ce5347e1c6c772bb6b66cb7
9c78423da5100b27502ec4efd03740d4e3c121202f9dbcefff4c61070c18c04f
9ce15b5438604bf3eb4ff1b92cd0972d7df3940e9bcbd63c6eaac226cb52367e
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9dbbf8b2d9f124b2a859f570263bcf06f57af42de4abc47ce5577d1878b6fb3a
9e1ed8c81f33bfd68d9d14c27d4901943cb6187c33eaea85d038b205bb548c83
9e313d07a1d5f10654657e267aad2142e2ef1e3cc9d6cef2ae665e62cd5b3283
9efdf82e2faa47ad038553127d3e69541dfdf878c04307a8796ed1a472dc3d4f
9fcdaa1bc0889d027fa2d2efb7cd9030c7fe4f3a9a992003e23c61632009f20f
a01c389e65b713a87a5112f08364cd3940bcb5c8830e3e13020cfe089acea0e2
a15e6e643611c8ec824f1322bf0649cc06b7c92bc2f8836d935f081a98a2ae84
a16b81383f078e01de183c7709ce5bd9462b01bc1ec2cddb0335427940e2af52
a18f4b400b42697ea11db9579a715ad690adc7d714717c26e41e564047c1d6f5
a2202a8d831968d7f12535a3fd13ff322b6df27da73804c206f368cd63760f6d
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3d3e8720c364a816efa3e241edd3b537e83045bbe24c93019d9770319d22b1c
a4776b92245ca7a79ce8723a83b8e4796fbe3105b139dcea0f3763717f8d71eb
a4da39c862f172e05ebf4e2872c850dee65639f15503811dd0eef2752c51e3cf
a52988d4c64d3358c38886e9241db64721b4f301c5ac7bb0de02cda3a01e06ee
a551d4418e9015f2a068cc7c3e55461a8dc111fd5965fbe8414e022e976add28
a7fe4145a2e636e1b053b0366027c1755e5b3a9ba7965eab7c160f729bff57a8
a9ebf36a71eb899bb588afcacb071e7eef84388b2658a580d92d3257e99ce174
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
ae3167c489b881c581eef1dd54aca4dd6d2c55ba305e39cfc3e8b71c05930998
ae7007781238285bd305071452666ffb2b9456d039d43bbacb1228a28469b4dc
ae8dd8617d923f0098d9278754faf1693030212d957544608a5ccf7f51c88079
af441afd760e7a84b7687c90bd9015099ae1fa4fab29173bec4d0adc99bd61ee
b0d854c6a1a31221abac5eaf0c0314ac7ca3ca07381d4ef112a9421185b1ae95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b222743c0c2ed70caaf199a73b3184820387262aad3b70dc08d28b8466ed7981
b32285045375aef8395099224e7b6ce5cd08cb9cc9085fd40647d6a82ba1562c
b353af7598e07542b04f94ad93cdb11c7593977aef042b408195ee682ec45568
b4287ee9cf9012ea24966f8fa5945aa1053bda91a91ba9b273b043967553eee6
b51c7b7973ca6b575c84ff1eee1a914ea9b300d3a4579018fce0f1ee63907605
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6a4269284836ba08337a9cc5b21b0b7e87669c1f781700afab0a19bdf258093
b6ade9968394b018d28fce087da049bdba197aed1ef9f35167ef816841796503
b853fac19f39390912aa0ec94fb476e028f8deedc3a56196ba1b02cc08ed4cf6
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b98f2ab1448dd8d6212b621f20cf2d5fa3485aeb758c17bdff330130729d42e9
ba29172452d4111625d63dad135641dbec15ed3c2acc940334e3de725a67e5ab
bbeffb8ce60bcf715f0b0cf5ab6770dd1d50e65e7645e096fe540e12922b9a83
bcf3ae60f2a62e5c15664dbf7ba6e661b9e73ee85a7434ded0c638ed3f4ed169
bd3362f440ad84794ba6fc85fb328979a4ab58a2a0f57929cc7b6dfecb28e114
bd803162e3584688ff56ca8d92c35e45afa73365e6686dd94aa21120f0a3da05
be0592804b4e0e9a92b6576f6749afb29d972d39e113a789186ee51bc55d1971
bf72482b7ae41ea7b071271fc38688c008a6cafbfd4149ed17eb21885bf1ca16
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c27b11a4844614f6d6e987fa8f18ff24e12f59abe2972869509f57f92bdac135
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4a69211b6c53d1cbbcd83d1889e947f090d34704a83edafaeae612c07e42247
c54f2d72e7a8b521ade38e605113b44cc9b27c2f3c91e34b38cfe3801f8f1dba
c6784ee63d91a22eefc546183adb67258875523b96fe5bfe1ba1cecb09e657d8
c6bb4e8827254d091a5c7d94892bf2f0f37b84ef9ec2b8a98962cb42f5c2e0cf
c79ad870e163eb27f862854b17f419a9070d4ab32ac2cc17972153cfe53528b4
c9a0b5e3c7d47198f50124c220ff593348e5d7a62385eff10baf6109f3366c3a
c9fc596f182f40b88ab62a77fa9f94b00281112fea6ad2dcc2868ebaeb84228c
ca78fc981b19edd10d4bddf32c98d6df48e269009ae7384b3f02854bae780fb9
ce0286089b61f671256cc0b11456652b56c1edc11dd4b991370564f4045e91b0
ce0e0e11e79156df3d3ba198dcc218afc14028fee592fbf2e90a3902e3430b95
ce2faa449d2aba085ddcf7a163a35e866bfc02f229139ccfc5406f959f1758fb
cf30cedeb987a5fd3ce2c458fe515fecb3e6805c6d364b2c5ef69b4a59cbf90e
cf322c1504cfa804e6742405efc332bb2ce19d13e4c962710ebfd8da437f2d5b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d17e3d8102a8180bed346a08cc4a7106c8c0e2788c95a2f8f4cd189e380a52a1
d1f7751489d7af61fd91412ebf16b49503a34961534bd38968c981bdfdc8a40b
d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f
d629949a714b64d9cddb6c0bf7cbf356ddb21821c4a36792c62b0edccba858d6
d6496a87b4643aebb5ac8356ec6e9d2a28cafb578de76cc7b7ac2f1737380b97
d6a235b7e89648692b07fd4c4ac0f74c8c6e1a638a7606c311be477d0669a632
daf4b32a87ae8820092eb9367d3360b045f0379737cd8585ebb97f48177d51fa
db56b94d21cd52ac7e59c5c805f5694169b15b67213bc22f99df2ff621cbf05d
db6dd835dfe1b180d4a8198024f72b611832d3a8ca72d2517e48b79b5e6698eb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
dbeb404d326e6051a0182a90d654ea370f8c1ed0684f523c1f722447787d56d6
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dd84828540f9791f05361c91881af42fb47179f985c0b5ff2819d809fa8017cc
de34e56163cf7b887c17a511f4fcff7848ed39e769d40f621dfd5422c92471ba
de40791a97231d95b94dd9535759ae5b1e7ae0ccf83362951337862307c820fe
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df826019e9ee5b90409b37c09f54395b24fbf1cfa85d16bf252a716ed85e199c
dfe52d803e957dcd4344eb88d280ec1dac25a7d7c23152c855646e177d293a77
e0337bdb1379b865ff9263c3588ffae213e27a95de9e8cb81fab92dc7a28a872
e0e7ddafebfca83156acdf2858e5b1b191b202d83bbec092c7eff353de4c7d15
e2821ba2eba1c2d0af93006e171370f679891ab0576977654a1ea146792aaad2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
e4a18fa5369a0b318aaf72a5bab475c3d4311356a017106d9ae8c3747724f85b
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
e4ed34014b1eeee0f37d21025060380bd90a9f8fdf0dfc9a0f1fd118a5cb19ed
e5110006f9cbec85309f6ca87b94ed679e58183af51ea971308162d45e8c754f
e5a96d33a4b6c2b15833b30b05e2d574faa840b3030a63771c6f233fc1eab6ef
e5f5d2cdbc00ae1469e2cdb4d7bf88f206267ced9e0e047cffa716e1561a1a33
e628ca19b4091d41dac5c588e0b09d11c7864ab6d44224a13d7e2aa3fd3adf97
e9193268bf8d9580bb3b8b728ea5f8b3c8380ca8640c485098209f0fd1ecca83
e9c0379e100c6f38cb43c0109421d634144001e4292714810065b6c58f2ca7e9
ebe826903eb070e69119f78b9e4acee1703a0f6244c32335cc841f552c651e52
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eecc9f4abadf636ac0d14d4dd07020b35e2e8686068df77f867ad7e6da2556da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef25b9d3d8f48f3a0f8b96f3a287382cf19f23af16546ce72e4bf6f77fb2970b
ef36c3adb71500a0da0e62b4df4829cdb33f766f80b94394aca9afaddacd48b3
efea62bda1daeaef70533f73ee2251e3769123dd7c4ab49c183abda9db6f1dd1
f1d79f4595498b5e1e9f76fd104f8a0791400619ec6bf3a033ec22f3845b4636
f21b7aa0d3d0b1295ac9d76d728e3975358e480e272f18c24388ca73ff719faa
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a
f7592b793a924a03a1f5e468020421e2a1e10dc1914e94cdac73cc17d44a0122
f786f06776e1d93d93fd1d09af1d07e68698cefb6ee3f35344e8fb9eeb073328
f7d8b4390df2937b5af596357b8a68864be788f84bbb1e1a12692b95dbbfcbe1
fbf57280833f63be3a67c650170d8ed7e26714816cb138516c9514b3743517f4
fc10b14ea69671f25f11ef1eadd874f3efa7dbfc109a5600f682a91614c9aee2
fcb9b6b422c65923b0ae2435307bea3664996e355379dc2b1d341402bea111ba
fd5a1221feadba7ae4351bb0ae5e1e8ef9d5c29aa70825572de1a09ed45c4ece
fed94ed7a6761a28c636099bc32eb47cc0ac48bae44f7cf99604b839c1ff1fab
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629